diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
index 2fb8874543..0881a2e9cb 100644
--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -66,6 +66,13 @@
 
   <section xml:id="relnotes_security"><info><title>Security Fixes</title></info>
     <itemizedlist>
+      <listitem>
+	<para>
+	  It was possible to trigger a assertion when rendering a
+	  message using a specially crafted request. This flaw is
+	  disclosed in CVE-2016-2776. [RT #43139]
+	</para>
+      </listitem>
       <listitem>
 	<para>
 	 getrrsetbyname with a non absolute name could trigger an
@@ -76,16 +83,6 @@
 	</para>
       </listitem>
     </itemizedlist>
-
-    <itemizedlist>
-      <listitem>
-	<para>
-	  It was possible to trigger a assertion when rendering a
-	  message using a specially crafted request. This flaw is
-	  disclosed in CVE-2016-2776. [RT #43139]
-	</para>
-      </listitem>
-    </itemizedlist>
   </section>
 
   <section xml:id="relnotes_features"><info><title>New Features</title></info>