===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/60.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- www/60.html	2016/07/22 20:33:22	1.21
+++ www/60.html	2016/07/22 21:24:11	1.22
@@ -120,7 +120,7 @@
     <ul>
     <li><tt>W^X</tt> is now strictly enforced by default;
 	a program can only violate it if the executable is marked with
-	<tt>PT_OPENBSD_WXNEEDED</tt> and its is located on a filesystem
+	<tt>PT_OPENBSD_WXNEEDED</tt> and it is located on a filesystem
 	mounted with the <tt>wxallowed</tt>
 	<a href="http://man.openbsd.org/mount.8">mount(8)</a> option.
     <li>The <a href="http://man.openbsd.org/setjmp.3">setjmp(3)</a>
@@ -129,8 +129,8 @@
     <li><a href="http://man.openbsd.org/sigreturn.2">sigreturn(2)</a>
 	can now only be used by the kernel-provided signal trampoline,
 	with a cookie to detect attempts to reuse it.
-    <li>To deter code reuse exploits, in <a href="http://man.openbsd.org/rc.8">rc(8)</a>,
-        re-link libc.so on startup, placing the objects in a random order. 
+    <li>To deter code reuse exploits, <a href="http://man.openbsd.org/rc.8">rc(8)</a>
+        re-links libc.so on startup, placing the objects in a random order. 
     <li>In the <a href="http://man.openbsd.org/getpwnam.3">getpwnam(3)</a>
         family of functions, stop opening the shadow database by default. 
     <li>Allow <a href="http://man.openbsd.org/tcpdump.8">tcpdump(8)</a>
@@ -326,7 +326,7 @@
           ensures that only <tt>GENERALIZEDTIME</tt> formats are accepted for
           OCSP, as per <i>RFC 6960</i>.
       </ul>
-    <li>The following CVEs had been fixed:
+    <li>The following CVEs have been fixed:
       <ul>
       <li><tt>CVE-2016-2105</tt>&#8212;EVP_EncodeUpdate overflow.
       <li><tt>CVE-2016-2106</tt>&#8212;EVP_EncryptUpdate overflow.