Update bug report template for security issues Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

commit: 09e35e7ac882496bb3a4fc0c4a5f9f70d297dd76 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Apr 04 12:59:49 2025 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Apr 04 12:59:49 2025 +0200
tree: 24b8026978f2528236ea82168aee6dd350f43a77
parent: 8bbe60a67fa8b4064d68deb70c0c4b2c8e48d944 [diff]
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index c203112..4f135f0 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,6 +7,12 @@
 
 ---
 
+NOTE: if the bug you are reporting has or may have security implications,
+we ask that you report it privately to
+<mbed-tls-security@lists.trustedfirmware.org>
+so that we can prepare and release a fix before publishing the details.
+See [SECURITY.md](https://github.com/Mbed-TLS/mbedtls/blob/development/SECURITY.md).
+
 ### Summary
 
 
@@ -25,6 +31,10 @@
 
 ### Actual behavior
 
+NOTE: if the actual behaviour evokes memory corruption (like a crash or an error
+from a memory checker), then the bug should be assumed to have security
+implications (until proven otherwise), and we ask what you report it privately,
+see the note at the some of this template.
 
 
 ### Steps to reproduce
commit	09e35e7ac882496bb3a4fc0c4a5f9f70d297dd76	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Fri Apr 04 12:59:49 2025 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Fri Apr 04 12:59:49 2025 +0200
tree	24b8026978f2528236ea82168aee6dd350f43a77
parent	8bbe60a67fa8b4064d68deb70c0c4b2c8e48d944 [diff]