Merge pull request #1638 from biow0lf/another-fix-typos

hsbt · web-flow · commit 8fb36c42dc24 · 2017-09-15T09:29:19.000+09:00
Fix typos
diff --git a/en/news/_posts/2017-09-14-json-heap-exposure-cve-2017-14064.md b/en/news/_posts/2017-09-14-json-heap-exposure-cve-2017-14064.md
@@ -9,12 +9,12 @@ lang: en
 ---
 
 There is a heap exposure vulnerability in JSON bundled by Ruby.
-This vulnerability has been assgined the CVE identifier [CVE-2017-14064](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064).
+This vulnerability has been assigned the CVE identifier [CVE-2017-14064](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14064).
 
 ## Details
 
 The `generate` method of `JSON` module optionally accepts an instance of `JSON::Ext::Generator::State` class.
-If a malcious instance is passed, the result may include contents of heap.
+If a malicious instance is passed, the result may include contents of heap.
 
 All users running an affected release should either upgrade or use one of the workarounds immediately.
 
diff --git a/en/news/_posts/2017-09-14-openssl-asn1-buffer-underrun-cve-2017-14033.md b/en/news/_posts/2017-09-14-openssl-asn1-buffer-underrun-cve-2017-14033.md
@@ -1,6 +1,6 @@
 ---
 layout: news_post
-title: "CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docode"
+title: "CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode"
 author: "usa"
 translator:
 date: 2017-09-14 12:00:00 +0000
@@ -9,7 +9,7 @@ lang: en
 ---
 
 There is a buffer underrun vulnerability in OpenSSL bundled by Ruby.
-This vulnerability has been assgined the CVE identifier [CVE-2017-14033](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033).
+This vulnerability has been assigned the CVE identifier [CVE-2017-14033](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14033).
 
 ## Details
 
diff --git a/en/news/_posts/2017-09-14-ruby-2-2-8-released.md b/en/news/_posts/2017-09-14-ruby-2-2-8-released.md
@@ -13,12 +13,12 @@ Please check the topics below for details.
 
 * [CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf](/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/)
 * [CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick](/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/)
-* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docode](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
+* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
 * [CVE-2017-14064: Heap exposure vulnerability in generating JSON](/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/)
 * [Multiple vulnerabilities in RubyGems](/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/)
 * Updated bundled libyaml to version 0.1.7
 
-Ruby 2.2 is now under the state of the security maintenance phase, until the endo of the March of 2018.
+Ruby 2.2 is now under the state of the security maintenance phase, until the end of the March of 2018.
 After the date, maintenance of Ruby 2.2 will be ended.
 We recommend you start planning migration to newer versions of Ruby, such as 2.4 or 2.3.
 
diff --git a/en/news/_posts/2017-09-14-ruby-2-3-5-released.md b/en/news/_posts/2017-09-14-ruby-2-3-5-released.md
@@ -14,7 +14,7 @@ Please check the topics below for details.
 
 * [CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf](/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/)
 * [CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick](/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/)
-* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docode](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
+* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
 * [CVE-2017-14064: Heap exposure vulnerability in generating JSON](/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/)
 * [Multiple vulnerabilities in RubyGems](/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/)
 * Updated bundled libyaml to version 0.1.7
diff --git a/en/news/_posts/2017-09-14-ruby-2-4-2-released.md b/en/news/_posts/2017-09-14-ruby-2-4-2-released.md
@@ -12,7 +12,7 @@ This release contains some security fixes.
 
 * [CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf](/en/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/)
 * [CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick](/en/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/)
-* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 docod](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
+* [CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode](/en/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/)
 * [CVE-2017-14064: Heap exposure in generating JSON](/en/news/2017/09/14/json-heap-exposure-cve-2017-14064/)
 * [Multiple vulnerabilities in RubyGems](/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/)
 * Update bundled libyaml to version 0.1.7.
diff --git a/en/news/_posts/2017-09-14-sprintf-buffer-underrun-cve-2017-0898.md b/en/news/_posts/2017-09-14-sprintf-buffer-underrun-cve-2017-0898.md
@@ -9,12 +9,12 @@ lang: en
 ---
 
 There is a buffer underrun vulnerability in the `sprintf` method of `Kernel` module.
-This vulnerability has been assgined the CVE identifier [CVE-2017-0898](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898).
+This vulnerability has been assigned the CVE identifier [CVE-2017-0898](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0898).
 
 ## Details
 
-If a malcious format string which contains a precious specifier (`*`) is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused.
-In such situcation, the result may contains heap, or the Ruby interpreter may crash.
+If a malicious format string which contains a precious specifier (`*`) is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused.
+In such situation, the result may contains heap, or the Ruby interpreter may crash.
 
 All users running an affected release should upgrade immediately.
 
diff --git a/en/news/_posts/2017-09-14-webrick-basic-auth-escape-sequence-injection-cve-2017-10784.md b/en/news/_posts/2017-09-14-webrick-basic-auth-escape-sequence-injection-cve-2017-10784.md
@@ -8,13 +8,13 @@ tags: security
 lang: en
 ---
 
-There is an escape sequence injection vulnerabirity in the Basic authentication of WEBrick bundled by Ruby.
-This vulnerability has been assgined the CVE identifier [CVE-2017-10784](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784).
+There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby.
+This vulnerability has been assigned the CVE identifier [CVE-2017-10784](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10784).
 
 ## Details
 
 When using the Basic authentication of WEBrick, clients can pass an arbitrary string as the user name.
-WEBrick outputs the passed user name intact to its log, then an attacker can inject malcious escape sequences to the log and dangerours control characters may be executed on a victim's terminal emulator.
+WEBrick outputs the passed user name intact to its log, then an attacker can inject malicious escape sequences to the log and dangerous control characters may be executed on a victim's terminal emulator.
 
 This vulnerability is similar to [a vulnerability already fixed](/en/news/2010/01/10/webrick-escape-sequence-injection/), but it had not been fixed in the Basic authentication.
 
