From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 26 Sep 2016 15:06:11 +0000 (-0400)
Subject: reorder list
X-Git-Tag: release_3_0_12~14
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;ds=sidebyside;h=3d6b62896818bfbd11f6cd782a3056133e0f7743;p=freeradius.git

reorder list
---

diff --git a/src/main/tls.c b/src/main/tls.c
index d3c3810..0670986 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -68,26 +68,19 @@ typedef struct libssl_defect {
 	char const	*comment;
 } libssl_defect_t;
 
-/* Record critical defects in libssl here (newest first)*/
+/* Record critical defects in libssl here, new versions of OpenSSL to older versions of OpenSSL.  */
 static libssl_defect_t libssl_defects[] =
 {
 	{
-		.low		= 0x010001000,		/* 1.0.1  */
-		.high		= 0x01000106f,		/* 1.0.1f */
-		.id		= "CVE-2014-0160",
-		.name		= "Heartbleed",
-		.comment	= "For more information see http://heartbleed.com"
-	},
-	{
-		.low		= 0x01000100f,		/* 1.0.1  */
-		.high		= 0x01000114f,		/* 1.0.1t */
-		.id		= "CVE-2016-6304",
+		.low		= 0x01010101f,		/* 1.1.0a */
+		.high		= 0x01010101f,		/* 1.1.0a */
+		.id		= "CVE-2016-6309",
 		.name		= "OCSP status request extension",
-		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"
+		.comment	= "For more information see https://www.openssl.org/news/secadv/20160926.txt"
 	},
 	{
-		.low		= 0x01000200f,		/* 1.0.2  */
-		.high		= 0x01000208f,		/* 1.0.2h */
+		.low		= 0x01010100f,		/* 1.1.0  */
+		.high		= 0x01010100f,		/* 1.1.0  */
 		.id		= "CVE-2016-6304",
 		.name		= "OCSP status request extension",
 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"
@@ -100,18 +93,25 @@ static libssl_defect_t libssl_defects[] =
 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160926.txt"
 	},
 	{
-		.low		= 0x01010100f,		/* 1.1.0  */
-		.high		= 0x01010100f,		/* 1.1.0  */
+		.low		= 0x01000200f,		/* 1.0.2  */
+		.high		= 0x01000208f,		/* 1.0.2h */
 		.id		= "CVE-2016-6304",
 		.name		= "OCSP status request extension",
 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"
 	},
 	{
-		.low		= 0x01010101f,		/* 1.1.0a */
-		.high		= 0x01010101f,		/* 1.1.0a */
-		.id		= "CVE-2016-6309",
+		.low		= 0x01000100f,		/* 1.0.1  */
+		.high		= 0x01000114f,		/* 1.0.1t */
+		.id		= "CVE-2016-6304",
 		.name		= "OCSP status request extension",
-		.comment	= "For more information see https://www.openssl.org/news/secadv/20160926.txt"
+		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"
+	},
+	{
+		.low		= 0x010001000,		/* 1.0.1  */
+		.high		= 0x01000106f,		/* 1.0.1f */
+		.id		= "CVE-2014-0160",
+		.name		= "Heartbleed",
+		.comment	= "For more information see http://heartbleed.com"
 	},
 };
 #endif /* ENABLE_OPENSSL_VERSION_CHECK */