Update CVE-2022-21658 blog post

posts/2022-01-20-cve-2022-21658.md

@@ -10,7 +10,7 @@ author: The Rust Security Response WG
 [advisory]: https://groups.google.com/g/rustlang-security-announcements/c/R1fZFDhnJVQ
 
 The Rust Security Response WG was notified that the `std::fs::remove_dir_all`
-standard library function is vulneable a race condition enabling symlink
+standard library function is vulnerable a race condition enabling symlink
 following (CWE-363). An attacker could use this security issue to trick a
 privileged program into deleting files and directories the attacker couldn't
 otherwise access or delete.
@@ -50,7 +50,7 @@ able to reliably perform it within a couple of seconds.
 Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability. We're going
 to release Rust 1.58.1 later today, which will include mitigations for this
 vulnerability. Patches to the Rust standard library are also available for
-custom-built Rust toolchains here (TODO: link).
+custom-built Rust toolchains [here][2].
 
 Note that the following targets don't have usable APIs to properly mitigate the
 attack, and are thus still vulnerable even with a patched toolchain:
@@ -73,7 +73,7 @@ intended outside of race conditions.
 ## Acknowledgments
 
 We want to thank Hans Kratz for independently discovering and disclosing this
-issue to us according to the [Rust security policy][2], for developing the fix
+issue to us according to the [Rust security policy][3], for developing the fix
 for UNIX-like targets and for reviewing fixes for other platforms.
 
 We also want to thank Florian Weimer for reviewing the UNIX-like fix and for
@@ -85,4 +85,5 @@ and writing this advisory, Chris Denton for writing the Windows fix, Alex
 Crichton for writing the WASI fix, and Mara Bos for reviewing the patches.
 
 [1]: https://www.cve.org/CVERecord?id=CVE-2022-21658
-[2]: https://www.rust-lang.org/policies/security
+[2]: https://github.com/rust-lang/wg-security-response/tree/master/patches/CVE-2022-21658
+[3]: https://www.rust-lang.org/policies/security