From 101c02ace8036f92d07e3d5e22736267381c0489 Mon Sep 17 00:00:00 2001 From: Peter Amstutz Date: Fri, 5 Aug 2022 13:29:43 -0400 Subject: [PATCH] Grammar fixes refs #19330 Arvados-DCO-1.1-Signed-off-by: Peter Amstutz --- doc/admin/upgrading.html.textile.liquid | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/admin/upgrading.html.textile.liquid b/doc/admin/upgrading.html.textile.liquid index ca22473bd4..5d35ebb9a1 100644 --- a/doc/admin/upgrading.html.textile.liquid +++ b/doc/admin/upgrading.html.textile.liquid @@ -39,12 +39,12 @@ h2(#v2_4_2). v2.4.2 (2022-08-05) h3. GHSL-2022-063 GitHub Security Lab (GHSL) reported a remote code execution (RCE) -vulnerability in the Arvados Workbench allows authenticated attackers +vulnerability in the Arvados Workbench that allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This vulnerability is fixed in 2.4.2. -We believe the vulnerability exists all versions of Arvados up to 2.4.1. +We believe the vulnerability exists in all versions of Arvados up to 2.4.1. This vulnerability is specific to the Ruby on Rails Workbench application ("Workbench 1"). We do not believe any other Arvados -- 2.30.2