Some changes after review.
chriseth committed Apr 18, 2017
1 parent 10c3236 commit 11d30ec
Showing 3 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion docs/bugs.json
Expand Up @@ -30,7 +30,7 @@
"name": "OptimizerStaleKnowledgeAboutSHA3",
"summary": "The optimizer did not properly reset its knowledge about SHA3 operations resulting in some hashes (also used for storage variable positions) not being calculated correctly.",
"description": "The optimizer performs symbolic execution in order to save re-evaluating expressions whose value is already known. This knowledge was not properly reset across control flow paths and thus the optimizer sometimes thought that the result of a SHA3 operation is already present on the stack. This could result in data corruption by accessing the wrong storage slot.",
"severity": "low/medium",
"severity": "medium",
"fixed": "0.4.3",
"conditions": {
"optimizer": true
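
Review bot: the severity line goes from "low/medium" to "medium" with no reason recorded, and the commit message ("Some changes after review.") does not say what prompted it. Since the description states the bug "could result in data corruption by accessing the wrong storage slot", give that as the justification in the commit message. It is also worth checking the remaining entries for compound values like "low/medium", so that tools reading this file can compare severities against a fixed set of values.
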
5 changes: 2 additions & 3 deletions docs/bugs.rst
Expand Up @@ -6,7 +6,7 @@
List of Known Bugs
##################

Below, you can find a JSON-formatted list of known security-relevant bugs in the
Below, you can find a JSON-formatted list of some of the known security-relevant bugs in the
Solidity compiler. The file itself is hosted in the `Github repository
<https://github.com/ethereum/solidity/blob/develop/docs/bugs.json>`_.
The list stretches back as far as version 0.3.0, bugs known to be present only
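
Review bot: "some of the known" on the changed line now tells readers the list is incomplete, but nothing in this paragraph says what is left out or how a tool should treat a compiler version that has no entry. Consider adding a sentence that a missing entry does not mean the version is free of security-relevant bugs. The section title "List of Known Bugs" is unchanged and still reads as a complete list. Style: the changed line is now much longer than its neighbours and should be re-wrapped.
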
Expand All @@ -20,8 +20,7 @@ Contract source verification tools and also other tools interacting with
contracts should consult this list according to the following criteria:

- It is mildly suspicious if a contract was compiled with a nightly
compiler version instead of a released version. These compiler versions
might contain undocumented bugs.
compiler version instead of a released version
- It is also mildly suspicious if a contract was compiled with a version that was
not the most recent at the time the contract was created. For contracts
created from other contracts, you have to follow the creation chain
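
Review bot: the first bullet now ends at "instead of a released version" with no full stop and no reason given. The removed sentence ("These compiler versions might contain undocumented bugs.") was the only explanation of why a nightly build is suspicious; authors of verification tools applying these criteria need some rationale, so either keep a shortened reason or at least terminate the sentence.
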
3 changes: 2 additions & 1 deletion docs/security-considerations.rst
Expand Up @@ -22,7 +22,8 @@ you should be more careful.
This section will list some pitfalls and general security recommendations but
can, of course, never be complete. Also, keep in mind that even if your
smart contract code is bug-free, the compiler or the platform itself might
have a bug. All known security-relevant bugs of the compiler can be found in the
have a bug. A list of some publicly known security-relevant bugs of the compiler
can be found in the
:ref:`list of known bugs<known_bugs>`, which is also machine-readable. Note
that there is a bug bounty program that covers the code generator of the
Solidity compiler.
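
Review bot: the wording added here ("some publicly known security-relevant bugs") does not match the wording introduced in docs/bugs.rst in this same commit ("some of the known security-relevant bugs"). "Publicly known" and "known" are different claims, so pick one and use it in both files. Style: the added line "can be found in the" is left very short; re-wrap the paragraph.
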