[Security Policy]: Enhancement proposals to Open-CMSIS-Pack security Policy

### Description

Here two proposals related to the newly introduced [Open-CMSIS-Pack security policy](https://github.com/Open-CMSIS-Pack/cmsis-toolbox/blob/main/SECURITY.md) 
The page mainly refers to the GitHub's private vulnerability reporting guidelines that remain rather generic as well as the vulnerability management section. I suggest considering as reference the security policy of trustedfimware.org project and more especially the [Security Incident Handling Process](https://trusted-firmware-docs.readthedocs.io/en/latest/security_center/incident_handling_process.html) section related to "disclosure" that figures out a description of the different steps with indicative timeline; this section also describes a communication process with a concept of "Especially Sensitive Stakeholders (ESSes)" that I also suggest considering for Open-CMSIS-Pack. 

### Is this request a Security Requirement?

- [x] Yes

### Priority

Medium

### Related Issues (Optional)

_No response_

### Additional Notes (Optional)

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Security Policy]: Enhancement proposals to Open-CMSIS-Pack security Policy #293

Description

Is this request a Security Requirement?

Priority

Related Issues (Optional)

Additional Notes (Optional)

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Security Policy]: Enhancement proposals to Open-CMSIS-Pack security Policy #293

Description

Description

Is this request a Security Requirement?

Priority

Related Issues (Optional)

Additional Notes (Optional)

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions