From 97380062ed0a4dc3a4fa9bd3d5db64a14c3947c6 Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Wed, 8 Apr 2026 19:32:54 +0200 Subject: [PATCH 1/2] Fix typos. Signed-off-by: Kurt Garloff --- blog/2026-04-08-cve-2026-33551.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/blog/2026-04-08-cve-2026-33551.md b/blog/2026-04-08-cve-2026-33551.md index 5e42530e18..1c611c3c0f 100644 --- a/blog/2026-04-08-cve-2026-33551.md +++ b/blog/2026-04-08-cve-2026-33551.md @@ -32,15 +32,15 @@ This is typically the case for SCS clouds, as S3 compatibility is a requirement. While creating AppCreds with roles with lower privileges is not a very common use case, it is supported by OpenStack clouds and is actually a good practice -to limit the privileges of running coponents or the delegated privileges for +to limit the privileges of running components or the delegated privileges for human bearers of the AppCred. The fact that EC2 credentials can be used to -work around an regain the privileges of the user who created the original +work around and regain the privileges of the user who created the original AppCred is a serious issue, as it breaks the principle of least privileges and may weaken or break security models for applications or delegated authorizations. Note that this vulnerability does not allow to escalate privileges further -than the original AppCred creators privileges and does require the attacker +than the original AppCred creator's privileges and does require the attacker to get access to the limited AppCred in the first place. ## Embargo @@ -88,4 +88,5 @@ SCS security contact is [security@scs.community](mailto:security@scs.community), ## Version history +- Typo fixes and yaook link, v1.0, 2026-04-09, xx:xx CEST - Initial draft, v0,9, 2026-04-08, 13:45 CEST From b794bb5b2193f2f811813d966093e4d3d221dbe0 Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Thu, 9 Apr 2026 12:35:30 +0200 Subject: [PATCH 2/2] Activate yaook link. 
Signed-off-by: Kurt Garloff --- blog/2026-04-08-cve-2026-33551.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/blog/2026-04-08-cve-2026-33551.md b/blog/2026-04-08-cve-2026-33551.md index 1c611c3c0f..fc488375cd 100644 --- a/blog/2026-04-08-cve-2026-33551.md +++ b/blog/2026-04-08-cve-2026-33551.md @@ -73,7 +73,7 @@ The SCS ecosystem software providers provide fixed keystone images and installation instructions here as soon as the updated images are available: - [OSISM](https://osism.tech/docs/appendix/security/ossa-2026-005) -- [yaook] (TBD) +- [yaook](https://yaook.cloud/security-advisories-cve-2026-33551) ## Thanks @@ -88,5 +88,5 @@ SCS security contact is [security@scs.community](mailto:security@scs.community), ## Version history -- Typo fixes and yaook link, v1.0, 2026-04-09, xx:xx CEST +- Typo fixes and yaook link, v1.0, 2026-04-09, 10:30 CEST - Initial draft, v0,9, 2026-04-08, 13:45 CEST
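Review bot: in the @@ -32,15 +32,15 @@ hunk of the first patch, two wording problems survive the typo pass. "it breaks the principle of least privileges" should be "the principle of least privilege" (singular), and "does not allow to escalate privileges further than the original AppCred creator's privileges" is ungrammatical; "does not allow escalating privileges beyond those of the original AppCred creator" keeps the meaning. The corrected "work around and regain the privileges of the user who created the original AppCred" is also elliptical about what is worked around; "work around the restriction and regain the privileges ..." says it.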
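Review bot: in the @@ -88,4 +88,5 @@ hunk of the first patch, the new version-history entry is committed with an "xx:xx CEST" placeholder, and the adjacent "Initial draft, v0,9" line (comma instead of a decimal point) is left untouched by a commit titled "Fix typos." The placeholder is resolved by the follow-up commit, but "v0,9" should become "v0.9" while this file is being edited for typos anyway.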
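Review bot: in the @@ -73,7 +73,7 @@ hunk of the second patch, the unchanged lead-in "provide fixed keystone images and installation instructions here as soon as the updated images are available:" was written for the TBD state; now that both the OSISM and yaook entries point at published advisories, "will provide ... as soon as" or "have published ... at" would match the list that follows. The replaced line also drops the stray space in "[yaook] (TBD)", which would have rendered as a bare bracket rather than a link, so the new form "[yaook](https://yaook.cloud/security-advisories-cve-2026-33551)" is the correct markdown.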
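Review bot: in the @@ -88,5 +88,5 @@ hunk of the second patch, the filled-in "10:30 CEST" is earlier than this commit's own author time (Thu, 9 Apr 2026 12:35:30 +0200), so it cannot be when the yaook link change landed; if the version history is meant to record the publication time of v1.0 that is fine, otherwise record the commit time so the entry is verifiable against the git log.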