Marta Rybczynska authored Jun 16, 2021 and Bernhard Rosenkränzer committed Aug 19, 2021

Add the place for security-related policies and the CVE policy describing the
way of handling security vulnerabilities.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>