reorder list

diff --git a/src/main/tls.c b/src/main/tls.c
index d3c3810..0670986 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -68,26 +68,19 @@ typedef struct libssl_defect {
        char const      *comment;
 } libssl_defect_t;
 
-/* Record critical defects in libssl here (newest first)*/
+/* Record critical defects in libssl here, new versions of OpenSSL to older versions of OpenSSL.  */
 static libssl_defect_t libssl_defects[] =
 {
        {
-               .low            = 0x010001000,          /* 1.0.1  */
-               .high           = 0x01000106f,          /* 1.0.1f */
-               .id             = "CVE-2014-0160",
-               .name           = "Heartbleed",
-               .comment        = "For more information see http://heartbleed.com"
-       },
-       {
-               .low            = 0x01000100f,          /* 1.0.1  */
-               .high           = 0x01000114f,          /* 1.0.1t */
-               .id             = "CVE-2016-6304",
+               .low            = 0x01010101f,          /* 1.1.0a */
+               .high           = 0x01010101f,          /* 1.1.0a */
+               .id             = "CVE-2016-6309",
                .name           = "OCSP status request extension",
-               .comment        = "For more information see https://www.openssl.org/news/secadv/20160922.txt"
+               .comment        = "For more information see https://www.openssl.org/news/secadv/20160926.txt"
        },
        {
-               .low            = 0x01000200f,          /* 1.0.2  */
-               .high           = 0x01000208f,          /* 1.0.2h */
+               .low            = 0x01010100f,          /* 1.1.0  */
+               .high           = 0x01010100f,          /* 1.1.0  */
                .id             = "CVE-2016-6304",
                .name           = "OCSP status request extension",
                .comment        = "For more information see https://www.openssl.org/news/secadv/20160922.txt"
@@ -100,18 +93,25 @@ static libssl_defect_t libssl_defects[] =
                .comment        = "For more information see https://www.openssl.org/news/secadv/20160926.txt"
        },
        {
-               .low            = 0x01010100f,          /* 1.1.0  */
-               .high           = 0x01010100f,          /* 1.1.0  */
+               .low            = 0x01000200f,          /* 1.0.2  */
+               .high           = 0x01000208f,          /* 1.0.2h */
                .id             = "CVE-2016-6304",
                .name           = "OCSP status request extension",
                .comment        = "For more information see https://www.openssl.org/news/secadv/20160922.txt"
        },
        {
-               .low            = 0x01010101f,          /* 1.1.0a */
-               .high           = 0x01010101f,          /* 1.1.0a */
-               .id             = "CVE-2016-6309",
+               .low            = 0x01000100f,          /* 1.0.1  */
+               .high           = 0x01000114f,          /* 1.0.1t */
+               .id             = "CVE-2016-6304",
                .name           = "OCSP status request extension",
-               .comment        = "For more information see https://www.openssl.org/news/secadv/20160926.txt"
+               .comment        = "For more information see https://www.openssl.org/news/secadv/20160922.txt"
+       },
+       {
+               .low            = 0x010001000,          /* 1.0.1  */
+               .high           = 0x01000106f,          /* 1.0.1f */
+               .id             = "CVE-2014-0160",
+               .name           = "Heartbleed",
+               .comment        = "For more information see http://heartbleed.com"
        },
 };
 #endif /* ENABLE_OPENSSL_VERSION_CHECK */