_content/security: update pre-announcement block

To include that we put CVE IDs in the pre-announcement email. Updates golang/go#56547 Change-Id: I113873339c93e8a33e63d15a471b800beb09e390 Reviewed-on: https://go-review.googlesource.com/c/website/+/470757 Reviewed-by: Julie Qiu <julieqiu@google.com> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-23 10:14:23 -08:00 · 2023-02-23 10:14:23 -08:00 · cd7ff650d3
--- a/_content/security/policy.md
+++ b/_content/security/policy.md
@ -67,9 +67,9 @@ PRIVATE track issues are **fixed in the next scheduled [minor
 releases](/wiki/MinorReleases)**, and are kept private until then.

 Three to seven days before the release, a pre-announcement is sent to
-golang-announce, announcing the presence of a security fix in the upcoming
-releases, and whether the issue affects the standard library, the toolchain, or
-both (but not disclosing any more details).
+golang-announce, announcing the presence of one or more security fixes in the
+upcoming releases, and whether the issues affect the standard library, the
+toolchain, or both, as well as reserved CVE IDs for each of the fixes.

 Some examples of past PRIVATE issues include: