doc: remove problematic example from README

Remove Buffer constructor example from security reporting examples. Even
though the example text focuses on API compatibility, the pull request
cited is about zero-filling vs. not zero-filling, which is not an API
compatibility change (or at least is not unambiguously one). The fact
that it's a pull request is also problematic, since it's not reporting a
security issue but instead proposing a way to address one that has
already been reported publicly. Finally, the text focuses on the fact
that it was not deemed worth of backporting, but that was determined by
a vote by a divided CTC. It is unreasonable to ask someone reporting an
issue to make a determination that the CTC/TSC is divided on.

In short, it's not a good example for the list it is in. Remove it.

Refs: https://github.com/nodejs/node/pull/23759#discussion_r226804801

PR-URL: https://github.com/nodejs/node/pull/23817
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

1 files changed, 0 insertions, 6 deletions

diff --git a/README.md b/README.md
index 933a71ec5a..a8dc9a1453 100644
--- a/README.md
+++ b/README.md
@@ -179,12 +179,6 @@ nonetheless.
   arbitrary JavaScript code. That is already the highest level of privilege
   possible.
 
-- [#12141](https://github.com/nodejs/node/pull/12141): _buffer: zero fill
-  Buffer(num) by default_. The documented `Buffer()` behavior was prone to
-  [misuse](https://snyk.io/blog/exploiting-buffer/). It has since changed. It
-  was not deemed serious enough to fix in older releases and breaking API
-  stability.
-
 ### Private disclosure preferred
 
 - [CVE-2016-7099](https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/):