From fa9fcb35286549d8eb37b3243547fa8bc0636944 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Thu, 5 Nov 2015 16:56:18 +0100 Subject: [PATCH] Updated cure53 Security Audit 2015 (markdown) --- cure53-Security-Audit-2015.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cure53-Security-Audit-2015.md b/cure53-Security-Audit-2015.md index 8617559..b2e8e42 100644 --- a/cure53-Security-Audit-2015.md +++ b/cure53-Security-Audit-2015.md @@ -1,6 +1,6 @@ The Security Audit can be downloaded at https://cure53.de/pentest-report_openkeychain.pdf -All identified vulnerabilities has been discussed with cure53 and fixed in OpenKeychain 3.6. Only OKC-01-006 has not been fixed because it is not in our threat model. We will work on two Miscellaneous Issues (not vulnerabilities) for a future version of OpenKeychain. +All identified vulnerabilities has been discussed with cure53 and fixed in OpenKeychain 3.6. Only OKC-01-006 has not been fixed because it is not in our threat model. We will work on two "Miscellaneous Issues" (not vulnerabilities) for a future version of OpenKeychain. ## Identified Vulnerabilities ### OKC-01-001 Private Keys can be imported from Keyserver (Medium) @@ -73,7 +73,7 @@ FIXED IN: see OKC-01-015 ### OKC-01-018 Key Server Verification Bypass via HTTP Redirect (Medium) -OpenKeychain we now disallow all redirects, a warning is now shown when a keyserver is added without a pinned certificate, users needs to uncheck "only trusted keyserver" to get past the warning. We pinned sks-keyserver, pgp.mit.edu, keybase.io. +We now disallow all redirects, a warning is now shown when a keyserver is added without a pinned certificate, users needs to uncheck "only trusted keyserver" to get past the warning. We pinned sks-keyserver, pgp.mit.edu, keybase.io. FIXED IN * https://github.com/open-keychain/open-keychain/commit/0b181743a3d6b1423e112b17a400b5ac4ac09bcb
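Review bot: In the first hunk (the summary paragraph), the only change is the added quotation marks around "Miscellaneous Issues", but the sentence still reads "All identified vulnerabilities has been discussed" (should be "have been discussed"), and "We will work on two "Miscellaneous Issues"" does not say which two; since the rest of the page lists findings by OKC-01-0xx identifier, naming the two issue IDs here would let a reader check the claim that everything else was fixed in 3.6.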
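Review bot: In the second hunk (OKC-01-018), dropping the stray "OpenKeychain" fixes the sentence start, but the rest is still a comma-spliced run-on with a grammar error ("users needs to uncheck"); suggest splitting it into the three separate statements it contains, e.g. "We now disallow all redirects. A warning is shown when a keyserver is added without a pinned certificate; users need to uncheck "only trusted keyserver" to get past it. We pinned sks-keyserver, pgp.mit.edu and keybase.io." It would also help to say explicitly that unchecking the option disables the certificate-pinning protection for that keyserver, so the reader understands what the warning is guarding.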