@gaius-qi gaius-qi commented Dec 3, 2024

Description

This pull request includes significant updates to the SECURITY.md file to enhance the security policy documentation. The changes introduce new sections for reporting vulnerabilities, the review process, and guidelines for joining the security announce mailing list.

Key updates to the security policy documentation:

  • Reporting a Vulnerability: Added detailed steps for reporting a Dragonfly vulnerability through GitHub's security features and outlined the expected response time.
  • Review Process: Described the process for handling reported vulnerabilities, including the creation of a draft security advisory and the involvement of security advisors and reporters in the discussion.
  • Supported Versions: Updated the section to refer users to the Dragonfly releases page for information on supported versions and clarified the handling of security updates for different branches and packages.
  • Joining the Security Announce Mailing List: Provided eligibility criteria and the process for joining the security announce mailing list, emphasizing the need for sponsorship and proper handling of non-public security information.
  • Confidentiality, Integrity, and Availability: Highlighted the prioritization of vulnerabilities that affect data confidentiality, privilege elevation, integrity, and availability, and recommended configurations for a hardened environment.

Related Issue

Motivation and Context

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation Update (if none of the other choices apply)

Checklist

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.

Signed-off-by: Gaius <gaius.qi@gmail.com>
@gaius-qi gaius-qi added the documentation Improvements or additions to documentation label Dec 3, 2024
@gaius-qi gaius-qi added this to the v2.2.0 milestone Dec 3, 2024
@gaius-qi gaius-qi self-assigned this Dec 3, 2024
@gaius-qi gaius-qi requested a review from a team as a code owner December 3, 2024 09:43
@chlins chlins left a comment

lgtm

@gaius-qi gaius-qi merged commit 6695100 into main Dec 3, 2024
4 checks passed
@gaius-qi gaius-qi deleted the feature/security branch December 3, 2024 09:55