Fix #743, Create OSAL Security Policy Markdown

[ArielSAdamsNASA]

Describe the contribution
Fixes #743
Created a draft of a security policy markdown file for OSAL. The purpose of a security policy is to inform users on how to submit bugs or vulnerabilities. It is ideal to include a section for supported versions.

Additional context
Optional sections that may be included:

• What to expect security-wise such as what type of testing is done
• Address privacy concerns
• Supported versions
• License
• Known vulnerabilities

References to Public Security Policies:
https://github.com/thanos-io/thanos/security/policy
https://github.com/minhealthnz/nzcovidtracer-app/security/policy
https://github.com/odoo/odoo/security/policy

Contributor Info - All information REQUIRED for consideration of pull request
Ariel Adams, ASRC Federal

[astrogeco]

Follow similar format for cFS and other submodules

[astrogeco]

Swap the first two lines and combine them as so

To report a vulnerability for the Operating System Abstraction Layer (OSAL) please [submit an issue](URL to issue)
For general cFS vulnerabilities please [open a cFS framework issue](URL to open an issue at the bundle level) and see our [top-level security policy](URL to cFS-bundle security.md)

I think we can leave the "other subsystem" part out since they'll see that if they navigate to the bundle repo.

[astrogeco]

Replace "reach out" with "email us at"

Swap cfs-community@lists.nasa.gov with cfs-program@lists.nasa.gov since the community list will bounce messages from non-members.

Keep the community mailing list sentence and add the clause "For help using OSAL and cFS"

[ArielSAdamsNASA]

@astrogeco Please let me know if the changes meets your requests. I will then apply the same format to cFS and other submodules.