Merge branch '2.2.x' into 2.3.x

Author: wilkinsona

.github/ISSUE_TEMPLATE.md

@@ -7,7 +7,7 @@ categories as some of them do not apply here.
 STOP!! Please ask questions about how to use something, or to understand why something isn't
 working as you expect it to, on Stack Overflow using the spring-boot tag.
 - Security Vulnerability
-STOP!! Please don't raise security vulnerabilities here. Head over to https://pivotal.io/security to learn how to disclose them responsibly.
+STOP!! Please don't raise security vulnerabilities here. Head over to https://spring.io/security-policy to learn how to disclose them responsibly.
 - Managed Dependency Upgrade
 You DO NOT need to raise an issue for a managed dependency version upgrade as there's a semi-automatic process for checking managed dependencies for new versions before a release. BUT pull requests for upgrades that are more involved than just a version property change are still most welcome.
 - With an Immediate Pull Request

.github/PULL_REQUEST_TEMPLATE.md

@@ -5,7 +5,7 @@ submitting you pull request.
 Security Vulnerabilities
 
 STOP! If your contribution fixes a security vulnerability, please do not submit it.
-Instead, please head over to https://pivotal.io/security to learn how to disclose a
+Instead, please head over to https://spring.io/security-policy to learn how to disclose a
 vulnerability responsibly.
 
 Dependency Upgrades

CONTRIBUTING.adoc

@@ -22,7 +22,7 @@ Ideally, that would include a small sample project that reproduces the problem.
 
 == Reporting Security Vulnerabilities
 If you think you have found a security vulnerability in Spring Boot please *DO NOT* disclose it publicly until we've had a chance to fix it.
-Please don't report security vulnerabilities using GitHub issues, instead head over to https://tanzu.vmware.com/security and learn how to disclose them responsibly.
+Please don't report security vulnerabilities using GitHub issues, instead head over to https://spring.io/security-policy and learn how to disclose them responsibly.