Reorder release notes

diff --git a/doc/notes/notes-9.19.22.rst b/doc/notes/notes-9.19.22.rst
index c362e2a6599f0402002c72f330019b2a0053ca4b..0812e0d3765301a9da5c5d1e76b72354aa82adf3 100644 (file)
--- a/doc/notes/notes-9.19.22.rst
+++ b/doc/notes/notes-9.19.22.rst
@@ -15,24 +15,24 @@ Notes for BIND 9.19.22
 New Features
 ~~~~~~~~~~~~
 
-- The ``tls`` block was extended with a new ``cipher-suites`` option
-  that allows setting allowed cipher suites for TLSv1.3. Please
-  consult the documentation for additional details.
-  :gl:`#3504`
-
-- The statistics channel now includes counters that indicate the number
-  of currently connected TCP IPv4/IPv6 clients. :gl:`#4425`
-
 - The statistics channel's incoming zone transfers information now also shows
   the zones' "first refresh" flag, which indicates that a zone is not fully
   ready yet, and its first ever refresh is pending or is in-progress. The number
   of such zones is now also exposed by the ``rndc status`` command. :gl:`#4241`
 
+- The statistics channel now includes counters that indicate the number
+  of currently connected TCP IPv4/IPv6 clients. :gl:`#4425`
+
 - Add HSM support to :any:`dnssec-policy`. You can now configure keys with a
   ``key-store`` that allows you to set the directory to store the key files and
   set a PKCS#11 URI string. The latter requires OpenSSL 3 and a valid PKCS#11
   provider to be configured for OpenSSL. :gl`#1129`.
 
+- The ``tls`` block was extended with a new ``cipher-suites`` option
+  that allows setting allowed cipher suites for TLSv1.3. Please
+  consult the documentation for additional details.
+  :gl:`#3504`
+
 - Add support for RESINFO record type. :gl:`#4413`
 
 Removed Features
@@ -70,6 +70,16 @@ Feature Changes
 Bug Fixes
 ~~~~~~~~~
 
+- A regression in cache-cleaning code enabled memory use to grow
+  significantly more quickly than before, until the configured
+  :any:`max-cache-size` limit was reached. This has been fixed.
+  :gl:`#4596`
+
+- Using :option:`rndc flush` inadvertently caused cache cleaning to
+  become less effective. This could ultimately lead to the configured
+  :any:`max-cache-size` limit being exceeded and has now been fixed.
+  :gl:`#4621`
+
 - Changes to ``listen-on`` statements were ignored on reconfiguration
   unless the port or interface address was changed, making it
   impossible to change a related listener transport type. That issue
@@ -84,16 +94,6 @@ Bug Fixes
   ISC would like to thank to Jinmei Tatuya from Infoblox for bringing
   this issue to our attention.
 
-- A regression in cache-cleaning code enabled memory use to grow
-  significantly more quickly than before, until the configured
-  :any:`max-cache-size` limit was reached. This has been fixed.
-  :gl:`#4596`
-
-- Using :option:`rndc flush` inadvertently caused cache cleaning to
-  become less effective. This could ultimately lead to the configured
-  :any:`max-cache-size` limit being exceeded and has now been fixed.
-  :gl:`#4621`
-
 Known Issues
 ~~~~~~~~~~~~