Merge pull request #4085 from mitchellh/sethvargo/security

Add security page

website/source/community/index.html.md

@@ -4,7 +4,7 @@ description: |
     dedicated users willing to help through various mediums.
 layout: community
 page_title: Community
-...
+---
 
 # Community
 

website/source/layouts/layout.erb

@@ -77,6 +77,7 @@
                 <li><a href="/intro">Intro</a></li>
                 <li><a href="/docs">Docs</a></li>
                 <li><a href="/community">Community</a></li>
+                <li><a href="/security.html">Security</a></li>
               </ul>
               <ul class="external-links white nav navbar-nav">
                 <li class="first download">

website/source/security.html.erb

@@ -0,0 +1,32 @@
+---
+page_title: "Security"
+layout: community
+description: |-
+  Packer takes security very seriously. Please responsibly disclose any security vulnerabilities found and we'll handle it quickly.
+---
+
+<h1>Packer Security</h1>
+
+<p>
+  We understand that many users place a high level of trust in HashiCorp
+  and the tools we build. We apply best practices and focus on security to
+  make sure we can maintain the trust of the community.
+</p>
+
+<p>
+  We deeply appreciate any effort to disclose vulnerabilities responsibly
+</p>.
+
+<p>
+  If you would like to report a vulnerability, please see the <a
+  href="https://www.hashicorp.com/security.html">HashiCorp security
+  page</a>, which has the proper email to communicate with as well as our
+  PGP key. Please <strong>do not create an GitHub issue for security
+  concerns</strong>.
+</p>
+
+<p>
+  If you are not reporting a security sensitive vulnerability, please open
+  an issue on the <a href="https://github.com/mitchellh/packer">Packer
+  GitHub repository</a>.
+</p>