Add a security policy document

Closes #1342

docs/SECURITY.md

@@ -0,0 +1,24 @@
+# Security Policy
+
+Hello and thank you for your interest in the `urfave/cli` security
+policy! :tada: :lock:
+
+## Supported Versions
+
+| Version   | Supported          |
+| --------- | ------------------ |
+| >= 2.3.x  | :white_check_mark: |
+| < 2.3     | :x:                |
+| >= 1.22.x | :white_check_mark: |
+| < 1.22    | :x:                |
+
+## Reporting a Vulnerability
+
+Please disclose any vulnerabilities by sending an email to:
+
+[dan+urfave-cli-security@meatballhat.com](mailto:dan+urfave-cli-security@meatballhat.com)
+
+You should expect a response within 48 hours and further
+communications to be decided via email. The `urfave/cli` maintainer
+team comprises volunteers who contribute when possible, so please
+have patience :bow: