CVE/list: sort release entries after their package entry

1 files changed, 11 insertions, 10 deletions

diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 50660e1262..208226dd9d 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -1771,8 +1771,8 @@ CVE-2014-9761 (Multiple stack-based buffer overflows in the GNU C Library (aka g
 	{DLA-411-1}
 	- glibc 2.23-1 (bug #813187)
 	[jessie] - glibc <no-dsa> (Minor issue)
-	[wheezy] - eglibc <no-dsa> (Minor issue)
 	- eglibc <removed>
+	[wheezy] - eglibc <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e02cabecf0d025ec4f4ddee290bdf7aadb873bb3
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8f5e8b01a1da2a207228f2072c934fa5918554b8
@@ -4630,11 +4630,11 @@ CVE-2014-8873 (A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8
 	{DSA-3316-1 DSA-3235-1}
 	- openjdk-8 8u45-b14-1 (high)
 	- openjdk-7 7u79-2.5.5-1 (high)
+	[wheezy] - openjdk-7 <not-affected> (MIME type setting is harmless on wheezy)
+	[squeeze] - openjdk-7 <not-affected> (MIME type setting is harmless on this squeeze)
 	- openjdk-6 <removed> (high)
-	[squeeze] - openjdk-6 <not-affected> (MIME type setting is harmless on squeeze)
 	[wheezy] - openjdk-6 <not-affected> (MIME type setting is harmless on wheezy)
-	[squeeze] - openjdk-7 <not-affected> (MIME type setting is harmless on this squeeze)
-	[wheezy] - openjdk-7 <not-affected> (MIME type setting is harmless on wheezy)
+	[squeeze] - openjdk-6 <not-affected> (MIME type setting is harmless on squeeze)
 	NOTE: Starting with mime-support 3.53, MimeType entries in desktop
 	NOTE: files end up in /etc/mailcap, which introduces the user-initiated
 	NOTE: code execution.
@@ -5187,6 +5187,7 @@ CVE-2014-8601 (PowerDNS Recursor before 3.6.2 does not limit delegation chaining
 CVE-2014-8600 (Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.1 ...)
 	- kde-runtime 4:4.14.2-2 (bug #769632)
 	[wheezy] - kde-runtime <no-dsa> (Minor issue)
+	- kdebase-runtime <removed>
 	[squeeze] - kdebase-runtime <no-dsa> (Minor issue)
 	- webkitkde 1.3.4-2 (unimportant)
 	NOTE: webkitpart: http://quickgit.kde.org/?p=kwebkitpart.git&a=commit&h=641aa7c75631084260ae89aecbdb625e918c6689
@@ -6039,8 +6040,8 @@ CVE-2014-8317 (Cross-site scripting (XSS) vulnerability in the Webform Validatio
 CVE-2014-8350 (Smarty before 3.1.21 allows remote attackers to bypass the secure mode ...)
 	{DLA-452-1}
 	- smarty3 3.1.21-1 (bug #765920)
-	- smarty <not-affected> (Only affects 3.x series)
 	[squeeze] - smarty3 <end-of-life> (Unsupported in squeeze-lts)
+	- smarty <not-affected> (Only affects 3.x series)
 	NOTE: https://github.com/smarty-php/smarty/commit/279bdbd3521cd717cae6a3ba48f1c3c6823f439d.patch
 CVE-2014-8399 (The default configuration in systemd-shim 8 enables the Abandon debugg ...)
 	- systemd-shim 8-4
@@ -10371,9 +10372,9 @@ CVE-2014-6541 (Unspecified vulnerability in the Recovery component in Oracle Dat
 	NOT-FOR-US: Oracle
 CVE-2014-6540 (Unspecified vulnerability in the Oracle VM VirtualBox component in Ora ...)
 	- virtualbox-guest-additions <removed>
+	[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
 	- virtualbox-guest-additions-iso 4.3.14-1
 	[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
-	[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
 CVE-2014-6539 (Unspecified vulnerability in the Oracle Applications Framework compone ...)
 	NOT-FOR-US: Oracle E-Business Suite
@@ -16737,10 +16738,10 @@ CVE-2014-3874
 	RESERVED
 CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p1 ...)
 	- kfreebsd-8 <removed>
-	- kfreebsd-9 <removed> (bug #750493)
+	[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
+	- kfreebsd-9 <removed> (bug #750493)
 	[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of r237663)
-	[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a point update)
 CVE-2014-3872 (Multiple SQL injection vulnerabilities in the administration login pag ...)
 	NOT-FOR-US: D-Link firmware
 CVE-2014-3871 (Multiple SQL injection vulnerabilities in register.php in Geodesic Sol ...)
@@ -17150,9 +17151,9 @@ CVE-2014-3690 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel befor
 CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local g ...)
 	{DSA-3067-1 DSA-3066-1}
 	- qemu 2.1+dfsg-6 (bug #765496)
+	[squeeze] - qemu <end-of-life>
 	- qemu-kvm <removed>
 	[squeeze] - qemu-kvm <end-of-life>
-	[squeeze] - qemu <end-of-life>
 	NOTE: Upstream's quick and easy stopgap for this issue: compile out the hardware acceleration functions which lack sanity checks.
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=83afa38eb20ca27e30683edc7729880e091387fc
 CVE-2014-3688 (The SCTP implementation in the Linux kernel before 3.17.4 allows remot ...)
@@ -17317,9 +17318,9 @@ CVE-2014-3641 (The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder
 CVE-2014-3640 (The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...)
 	{DSA-3045-1 DSA-3044-1}
 	- qemu 2.1+dfsg-5 (bug #762532)
+	[squeeze] - qemu <end-of-life>
 	- qemu-kvm <removed>
 	[squeeze] - qemu-kvm <end-of-life>
-	[squeeze] - qemu <end-of-life>
 	NOTE: http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html
 CVE-2014-3639 (The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not ...)
 	{DSA-3026-1 DLA-87-1}