security: use same format for multiple affected version ranges

Do not repeat the package name if it does not change. Use comma separated list
consistently.

Part-of: <!151>