From fe93668c3b77a3194214266ae68e4a7eac12a3b2 Mon Sep 17 00:00:00 2001
From: Gerry Demaret <gerry@x-net.be>
Date: Tue, 18 Jul 2023 16:44:29 +0200
Subject: [PATCH] Update the security policy

---
 SECURITY.md | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index c68b159e..50297b5c 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,10 +2,20 @@
 
 ## Supported Versions
 
-I support only the last published version and the last development version (last commit).
+The AdminerEvo team only supports the last published version and the
+last development version (last commit).
 
 ## Reporting a Vulnerability
 
-To report a vulnerability, create a private bug at https://sourceforge.net/p/adminer/bugs-and-features/new/?private=1.
+To report a vulnerability, create a new security advisory
+[here](https://github.com/adminerevo/adminerevo/security/advisories).
 
-I handle security issues with top priority. If you don't hear from me in a week then please ping the bug. Once I accept the bug, the fix should be available and new version released within days. I will mark the bug as public after releasing a new version or declining the bug.
+Security issues are handled with top priority. Should a report go
+unnoticed for more than a week, please send a message in the original
+report thread.
+
+Once acknowledged, a fix should be available and a new version
+released within a week.
+
+Security advisories will be made public after a fix and new version
+have been released, or the advisory has been declined.