optimize: update security policy, disclaimer and notice (apache#6239)

Author: slievrly

.licenserc.yaml

@@ -46,6 +46,7 @@ header:
     - 'README.md'
     - 'LICENSE'
     - 'NOTICE'
+    - 'DISCLAIMER'
     - '**/*.md'
     - '.github/**'
     #SPI、spring.factories、spring-configuration-metadata.json、additional-spring-configuration-metadata.json

DISCLAIMER

@@ -0,0 +1,10 @@
+Apache Seata (incubating) is an effort undergoing incubation at the Apache
+Software Foundation (ASF), sponsored by the Apache Incubator PMC.
+
+Incubation is required of all newly accepted projects until a further review
+indicates that the infrastructure, communications, and decision making process
+have stabilized in a manner consistent with other successful ASF projects.
+
+While incubation status is not necessarily a reflection of the completeness
+or stability of the code, it does indicate that the project has yet to be
+fully endorsed by the ASF.

NOTICE

@@ -1,5 +1,5 @@
 Apache Seata (Incubating)
-Copyright 2023 The Apache Software Foundation
+Copyright 2023-2024 The Apache Software Foundation
 
 This product includes software developed at
 The Apache Software Foundation (http://www.apache.org/).

SECURITY.md

@@ -1,6 +1,7 @@
 # Security Policy
 
-## Reporting a security issue
+This is a project of the [Apache Software Foundation](https://apache.org) and follows the ASF [vulnerability handling process](https://apache.org/security/#vulnerability-handling).
 
-If you think the bug you found is likely to make Seata-based applications vulnerable to an attack, please do not use 
-our public issue tracker but report it to [ASRC(Alibaba Security Response Center)](https://security.alibaba.com/).
+## Reporting a Vulnerability
+
+To report a new vulnerability you have discovered please follow the [ASF vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability).