SECURITY.md: update the Reporting a Vulnerability link

[mateusz834]

The https://go.dev/security is about: "This page provides
resources for Go developers to improve security for their
projects.", https://go.dev/security/policy is about Go Security Policy.

go.dev/security links to go.dev/security/policy,
but I think it is better to link directly to go.dev/security/policy
in this case.

[gopherbot]

This PR (HEAD: 37ac8ab) has been imported to Gerrit for code review.

Please visit Gerrit at https://go-review.googlesource.com/c/go/+/530119.

Important tips:

• Don't comment on this PR. All discussion takes place in Gerrit.
• You need a Gmail or other Google account to register for Gerrit.
• To change your code in response to feedback:
  • Push a new commit to the branch used by your GitHub PR.
  • A new "patch set" will then appear in Gerrit.
  • Respond to each comment by marking as Done in Gerrit if implemented as suggested. You can alternatively write a reply.
  • Critical: you must click the blue Reply button near the top to publish your Gerrit responses.
  • Multiple commits in the PR will be squashed by GerritBot.
• The title and description of the GitHub PR are used to construct the final commit message.
  • Edit these as needed via the GitHub web interface (not via Gerrit or git).
  • You should word wrap the PR description at ~76 characters unless you need longer lines (e.g., for tables or URLs).
• See the Sending a change via GitHub and Reviews sections of the Contribution Guide as well as the FAQ for details.

[gopherbot]

Message from Gopher Robot:

Patch Set 1:

(1 comment)

---

Please don’t reply on this GitHub thread. Visit golang.org/cl/530119.
After addressing review feedback, remember to publish your drafts!

[gopherbot]

Message from Mateusz Poliwczak:

Patch Set 1:

(1 comment)

---

Please don’t reply on this GitHub thread. Visit golang.org/cl/530119.
After addressing review feedback, remember to publish your drafts!

[gopherbot]

Message from Roland Shoemaker:

Patch Set 1: Code-Review+2

---

Please don’t reply on this GitHub thread. Visit golang.org/cl/530119.
After addressing review feedback, remember to publish your drafts!

[gopherbot]

Message from Ian Lance Taylor:

Patch Set 1: Auto-Submit+1 Code-Review+2 Commit-Queue+1

(1 comment)

---

Please don’t reply on this GitHub thread. Visit golang.org/cl/530119.
After addressing review feedback, remember to publish your drafts!

[gopherbot]

Message from Go LUCI:

Patch Set 1:

Dry run: CV is trying the patch.

Bot data: {"action":"start","triggered_at":"2023-09-22T20:26:06Z","revision":"1dbcdd7b127d708e2d3fe519dd3416e4c0f22a6d"}

---

Please don’t reply on this GitHub thread. Visit golang.org/cl/530119.
After addressing review feedback, remember to publish your drafts!

[gopherbot]

This PR is being closed because golang.org/cl/530119 has been merged.