diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 6554bd70..ad08b34b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -122,7 +122,7 @@ jobs:
 uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0
 with:
 base64-subjects: "${{ needs.build.outputs.hashes }}"
- upload-assets: true # Upload the generated provenance to release assets for releases for tags.
+ upload-assets: true # Upload the generated provenance to release assets for tags.
 buildkit-edge:
 runs-on: ubuntu-latest
diff --git a/README.md b/README.md
index bd8177e1..8388947f 100644
--- a/README.md
+++ b/README.md
@@ -91,7 +91,7 @@ Docker Linux packages also include Docker Buildx when installed using the
 > instead. For Linux, we recommend that you follow the [instructions specific for your distribution](#linux-packages). You can also download the latest binary from the [GitHub releases page](https://github.com/docker/buildx/releases/latest).
-We generate [SLSA3 provenance](slsa.dev) using the OpenSSF's [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) during the release process. To verify a relase binary:
+We generate [SLSA3 provenance](slsa.dev) using the OpenSSF's [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) during the release process. To verify a release binary:
 1. Install the verification tool from [slsa-framework/slsa-verifier#installation](https://github.com/slsa-framework/slsa-verifier#installation).
 2. Download the provenance file `attestation.intoto.jsonl` from the [GitHub releases page](https://github.com/docker/buildx/releases/latest).
 3. Run the verifier: