Log message:
net/bind914: update to 9.14.4

Update bind914 to 9.14.4.

	--- 9.14.4 released ---

5260.	[bug]		dnstap-read was producing malformed output for large
			packets. [GL #1093]

5258.	[func]		Added support for the GeoIP2 API from MaxMind,
			when BIND is compiled using "configure --with-geoip2".
			The legacy GeoIP API can be enabled by using
			"configure --with-geoip" instead. These options
			cannot be used together.

			Certain geoip ACL settings that were available with
			legacy GeoIP are not available when using GeoIP2.
			See the ARM for details. [GL #182]

5257.	[bug]		Some statistics data was not being displayed.
			Add shading to the zone tables. [GL #1030]

5256.	[bug]		Ensure that glue records are included in root
			priming responses if "minimal-responses" is not
			set to "yes". [GL #1092]

5255.	[bug]		Errors encountered while reloading inline-signing
			zones could be ignored, causing the zone content to
			be left in an incompletely updated state rather than
			reverted. [GL #1109]

5254.	[func]		Collect metrics to report to the statistics-channel
			DNSSEC signing operations (dnssec-sign) and refresh
			operations (dnssec-refresh) per zone and per keytag.
			[GL #513]

5253.	[port]		Support platforms that don't define ULLONG_MAX.
			[GL #1098]

5251.	[bug]		Statistics were broken in x86 Windows builds.
			[GL #1081]

5249.	[bug]		Fix a possible underflow in recursion clients
			statistics when hitting recursive clients
			soft quota. [GL #1067]

Log message:
bind*: Remove privileges from SMF method script.

This inadvertently opened up the named process to more privileges than
necessary and could be considered a security risk.  This may affect chroot
support, adding back in support for that will need to be done carefully.

Bump PKGREVISIONs.

Log message:
Fix so that pause really isn't used on SPARC.

Log message:
bind*: Move MESSAGE to MESSAGE.rcd, they are rc.d specific.

Log message:
net/bind914: update to 9.14.3

Update bind914 to 9.14.3 (BIND 9.14.3).

	--- 9.14.3 released ---

5244.	[security]	Fixed a race condition in dns_dispatch_getnext()
			that could cause an assertion failure if a
			significant number of incoming packets were
			rejected. (CVE-2019-6471) [GL #942]

5243.	[bug]		Fix a possible race between dispatcher and socket
			code in a high-load cold-cache resolver scenario.
			[GL #943]

5242.	[bug]		In relaxed qname minimizatiom mode, fall back to
			normal resolution when encountering a lame
			delegation, and use _.domain/A queries rather
			than domain/NS. [GL #1055]

5241.	[bug]		Fix Ed448 private and public key ASN.1 prefix blobs.
			[GL #225]

5240.	[bug]		Remove key id calculation for RSAMD5. [GL #996]

5238.	[bug]		Fix a possible deadlock in TCP code. [GL #1046]

5237.	[bug]		Recurse to find the root server list with 'dig +trace'.
			[GL #1028]

5234.	[port]		arm: just use the compiler's default support for
			yield. [GL #981]

Log message:
bind*: Fix a couple of issues in the SMF method.

Fix a typo in the configuration_file arguments, joyent/pkgsrc#189.
Ensure the /var/run/named directory has the correct permissions.

Log message:
net/bind914: fix runtime problem

Fix runtime problem by removing extra (fdwatch)  from NetBSD current.

Bump PKGREVISION.

Log message:
net/bind914: update to 9.14.2

pkgsrc change: remove "USE_CWRAPPERS=no".

	--- 9.14.2 released ---

5233.	[bug]		Negative trust anchors did not work with "forward only;"
			to validating resolvers. [GL #997]
5231.	[protocol]	Add support for displaying CLIENT-TAG and SERVER-TAG.
			[GL #960]
5229.	[protocol]	Enforce known SSHFP fingerprint lengths. [GL #852]
5228.	[cleanup]	If trusted-keys and managed-keys are configured
			simultaneously for the same name, the key cannot
			be rolled automatically. This configuration now
			logs a warning. [GL #868]
5224.	[bug]		Only test provide-ixfr on TCP streams. [GL #991]
5223.	[bug]		Fixed a race in the filter-aaaa plugin accessing
			the hash table. [GL #1005]
5222.	[bug]		'delv -t ANY' could leak memory. [GL #983]
5221.	[test]		Enable parallel execution of system tests on
			Windows. [GL !4101]
5220.	[cleanup]	Refactor the isc_stat structure to take advantage
			of stdatomic. [GL !1493]
5219.	[bug]		Fixed a race in the filter-aaaa plugin that could
			trigger a crash when returning an instance object
			to the memory pool. [GL #982]
5218.	[bug]		Conditionally include <dlfcn.h>. [GL #995]
5217.	[bug]		Restore key id calculation for RSAMD5. [GL #996]
5216.	[bug]		Fetches-per-zone counter wasn't updated correctly
			when doing qname minimization. [GL #992]
5215.	[bug]		Change #5124 was incomplete; named could still
			return FORMERR instead of SERVFAIL in some cases.
			[GL #990]
5214.	[bug]		win32: named now removes its lock file upon shutdown.
			[GL #979]
5213.	[bug]		win32: Eliminated a race which allowed named.exe running
			as a service to be killed prematurely during shutdown.
			[GL #978]
5211.	[bug]		Allow out-of-zone additional data to be included
			in authoritative responses if recursion is allowed
			and "minimal-responses" is disabled.  This behavior
			was inadvertently removed in change #4605. [GL #817]
5210.	[bug]		When dnstap is enabled and recursion is not
			available, incoming queries are now logged
			as "auth". Previously, this depended on whether
			recursion was requested by the client, not on
			whether recursion was available. [GL #963]
5209.	[bug]		When update-check-ksk is true, add_sigs was not
			considering offline keys, leaving record sets signed
			with the incorrect type key. [GL #763]
5208.	[test]		Run valid rdata wire encodings through totext+fromtext
			and tofmttext+fromtext methods to check these methods.
			[GL #899]
5207.	[test]		Check delv and dig TTL values. [GL #965]
5206.	[bug]		Delv could print out bad TTLs. [GL #965]
5205.	[bug]		Enforce that a DS hash exists. [GL #899]
5204.	[test]		Check that dns_rdata_fromtext() produces a record that
			will be accepted by dns_rdata_fromwire(). [GL #852]
5203.	[bug]		Enforce whether key rdata exists or not in KEY,
			DNSKEY, CDNSKEY and RKEY. [GL #899]
5202.	[bug]		<dns/ecs.h> was missing ISC_LANG_ENDDECLS. [GL #976]
5190.	[bug]		Ignore trust anchors using disabled algorithms.
			[GL #806]

Log message:
bind914: Fix version in COMMENT

Log message:
net/bind914: fix an error when reloading configuration

Fix an error when reloading configuration.  There is on more check to
"directory" in option statement is writable.

Bump PKGREVISION.