Log Message:
Update nsd to 4.1.24

4.1.24
================
FEATURES:
        - #4102: control interface via local socket.
          configure it with control-interface: "/path/nsd.ctl"  The path
          has to start with a / to separate it from an IP address.
          The local socket does not use SSL, but unencrypted traffic, use
          file and containing directory permissions to restrict access.
        - configure --enable-systemd (needs pkg-config and libsystemd) can
          be used to then use-systemd: yes in nsd.conf and have readiness
          signalling with systemd.
        - RFC8162 support, for record type SMIMEA.
BUG FIXES:
        - Patch to fix openwrt for mac os build darwin detection in configure.
        - Fix that first control-interface determines if TLS is used.  Warn
          when IP address interfaces are used without TLS.
        - #4106: Fix that stats printed from nsd-control are recast from
          unsigned long to unsigned (remote.c).
        - Fix that type CAA (and URI) in the zone file can contain
          dots when not in quotes.
        - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM
          chain, NSD leniently attempts to find a working NSEC3PARAM.

4.1.23
================
BUG FIXES:
        - Fix NSD time sensitive TSIG compare vulnerability.

4.1.22
================
FEATURES:
        - refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
          and allows TCP queries like normal.
        - Use accept4 to speed up answer of TCP queries, on Linux, FreeBSD
          and OpenBSD.
BUG FIXES:
        - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones.
        - Fix to use same condition for nsec3 hash allocation and free.