This is a hotfix to Cromwell 68 which reverts a library update which allowed incorrect credentials to be used when performing the final copying of log files up to a users bucket in GCS.
There was no known route to exploit this bug but it caused workflows to potentially fail with access denied errors at the final upload step and display another user's service account name in the error message.
When updating to Cromwell 68 please reference the 8e12ab5 hotfix release docker image: broadinstitute/cromwell:68-8e12ab5