docs: update security policy with private vulnerability reports info

.github/ISSUE_TEMPLATE/bug_report.md

@@ -5,7 +5,7 @@ about: Create a bug report for rust-libp2p.
 
 <!-- Thank you for filing a bug report! -->
 
-<!-- For security related issues please reach out to security@libp2p.io. Please do not file a public issue on GitHub. -->
+<!-- For security related issues please file a private security vulnerability report at https://github.com/libp2p/rust-libp2p/security/advisories/new or reach out to security@libp2p.io. Please do not file a public issue on GitHub. -->
 
 ## Summary
 

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +1,11 @@
 blank_issues_enabled: true
 contact_links:
+  - name: Report a vulnerability
+    url: https://github.com/libp2p/rust-libp2p/security/advisories/new
+    about: For security related issues please file a private security vulnerability report.
   - name: Question
     url:  https://github.com/libp2p/rust-libp2p/discussions/new?category=q-a
     about: Please ask questions in the rust-libp2p GitHub Discussions forum.
   - name: Libp2p Discourse Forum
     url:  https://discuss.libp2p.io
-    about: Discussions and questions related to multiple libp2p implementations.
+    about: Discussions and questions related to multiple libp2p implementations.

README.md

@@ -14,8 +14,10 @@ This repository is the central place for Rust development of the [libp2p](https:
 - The **[examples](examples)** folder contains small binaries showcasing the
   many protocols in this repository.
 
-- For **security related issues** please reach out to security@libp2p.io. Please
-  do not file a public issue on GitHub.
+- For **security related issues** please [file a private security vulnerability
+  report](https://github.com/libp2p/rust-libp2p/security/advisories/new)
+  or reach out to [security@libp2p.io](mailto:security@libp2p.io). Please do not
+  file a public issue on GitHub.
 
 - To **report bugs, suggest improvements or request new features** please open a
   GitHub issue on this repository.

SECURITY.md

@@ -6,4 +6,6 @@ By default we provide security patches for the latest released version only. On
 
 ## Reporting a Vulnerability
 
-Please reach out to security@libp2p.io. Please do not file a public issue on GitHub.
+Please do not file a public issue on GitHub. Instead, please [file a private security vulnerability report](https://github.com/libp2p/rust-libp2p/security/advisories/new).
+
+If you need further assistance, please reach out to [security@libp2p.io](mailto:security@libp2p.io).