From 1dbc69bff5b7b48d51f83247da69f3d4515c094f Mon Sep 17 00:00:00 2001 From: Lindacornwall <55097368+Lindacornwall@users.noreply.github.com> Date: Thu, 12 Sep 2024 10:37:06 +0100 Subject: [PATCH] Update Advisory-EGI-SVG-2024-15.md --- 2024/Advisory-EGI-SVG-2024-15.md | 88 -------------------------------- 1 file changed, 88 deletions(-) diff --git a/2024/Advisory-EGI-SVG-2024-15.md b/2024/Advisory-EGI-SVG-2024-15.md index 6dcd52b..a67893a 100644 --- a/2024/Advisory-EGI-SVG-2024-15.md +++ b/2024/Advisory-EGI-SVG-2024-15.md 
@@ -85,94 +85,6 @@ Vulnerabilities relevant for EGI can be reported at (see [R 99] for further details, and other information on SVG) -## REFERENCES - -- [R 1] - -- [R 2] - -- [R 3] - -Date: 2024-07-31 -Updated: - -HIGH risk vulnerability concerning the Java version of voms-proxy-init. -During the proxy generation process it is possible for unauthorized -users on the same machine to gain read access to the proxy. -This allows the user to then perform any action that is possible with -the original proxy. - -## IDs AND CVSS SCORE - -EGI SVG ID : EGI-SVG-2024-15 - -CVE ID : N/A - -CVSS Score : N/A - -## AFFECTED SOFTWARE AND VERSIONS - -The vulnerability was identified in the VOMS Java API (voms-api-java) -v. 3.3.2 and is present in the VOMS Java Clients (voms-clients-java) -v. 3.3.2. Earlier versions may be affected. - -The vulnerability is fixed in voms-api-java v. 3.3.3 and in -voms-clients-java v. 3.3.3. - - -## ACTIONS REQUIRED/RECOMMENDED - -Sites are recommended to update voms-api-java and voms-clients-java to -version 3.3.3 as soon as possible using information in the references -below. - - -## COMPONENT INSTALLATION INFORMATION - -At present, the new version of voms-api-java and voms-clients-java -are released for EL 9, EL 8 and Centos 7 at [R 2], [R 3] and [R 4]. -The rpms are also available from the WLCG repository [R 5]. - - -## MORE INFORMATION - -This has been assessed as 'HIGH' risk as it allows impersonation of -another user. - -Some other software is also dependent on the VOMS Java API, but to -our knowledge, none creates new proxies and therefore none should be -affected by the vulnerability in question. - -## STATUS OF THIS ADVISORY - -_TLP:AMBER information - Limited distribution_ - -This advisory will be made public on or after 2024-08-28 at:-- - -https://advisories.egi.eu/Advisory-EGI-SVG-2024-15 - -Minor updates may be made without re-distribution to the sites. 
- - -## CONTACT AND OTHER INFORMATION ON SVG - ------------------------------ - Others may re-use this information provided they:- - - 1) Respect the provided TLP classification - - 2) Credit the EGI (https://www.egi.eu/) Software Vulnerability Group ------------------------------ - -Comments or questions should be sent to - svg-rat at mailman.egi.eu - -Vulnerabilities relevant for EGI can be reported at - report-vulnerability at egi.eu - -(see [R 99] for further details, and other information on SVG) - - ## REFERENCES - [R 1]
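Review bot: the block deleted in the `-85,94` hunk reads like a second copy of the advisory body pasted after a short REFERENCES list ([R 1] to [R 3]), but the subject "Update Advisory-EGI-SVG-2024-15.md" does not say so. State in the commit message that this removes a duplicated body, so the 88 deletions are not read as a retraction of advisory content. Before merging, confirm that the retained copy above line 85 still carries everything this block had: the affected and fixed versions (3.3.2 and 3.3.3), the status section, and the references [R 4], [R 5] and [R 99], which the deleted text cites but the deleted list does not define. The deleted status section still reads "TLP:AMBER" with publication "on or after 2024-08-28", and this commit is dated 2024-09-12, so also check that the retained status section and the "Updated:" field reflect the advisory's current state.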