Log message:
net/bind916: fix blocklist handling

Apply change of revision 1.21 in NetBSD base which fixed PR bin/58170.

Bump PKGREVISION.

Log message:
net/bind916: update to 9.16.50

9.16.50 (2024-04-17)

This release marks the end of maintenance for the BIND 9.16 branch.

6364.	[protocol]	Add RESOLVER.ARPA to the built in empty zones.
			[GL #4580]

6338.	[func]		Optimize slabheader placement, so the infrastructure
			records are put in the beginning of the slabheader
			linked list. [GL !8675]

Log message:
*: recursive bump for protobuf 26.1

Log message:
net/bind916: update to 9.16.49

9.16.49 (2024-03-20)

6356.	[bug]		Create the pruning task in the dns_cache_flush(), so
			the cache pruning still works after the flush.
			[GL #4621]

6353.	[bug]		Improve the TTL-based cleaning by removing the expired
			headers from the heap, so they don't block the next
			cleaning round and clean more than a single item for
			each new addition to the RBTDB. [GL #4591]

6352.	[bug]		Decrease lock contention during RBTDB tree pruning
			introduced in change 6319 by making the prunenodes list
			bucketed and not cleaning up nodes recursively within a
			single prune_tree() call. [GL #4596]

6350.	[bug]		Address use after free in expire_lru_headers. [GL #4495]

Log message:
net/bind916: update to 9.16.48

	--- 9.16.48 released ---

6343.	[bug]		Fix case insensitive setting for isc_ht hashtable.
			[GL #4568]

	--- 9.16.47 released ---

6322.	[security]	Specific DNS answers could cause a denial-of-service
			condition due to DNS validation taking a long time.
			(CVE-2023-50387) [GL #4424]

6321.	[security]	Change 6315 inadvertently introduced regressions that
			could cause named to crash. [GL #4234]

	--- 9.16.46 released ---

6319.	[security]	Query patterns that continuously triggered cache
			database maintenance could exhaust all available memory
			on the host running named. (CVE-2023-6516) [GL #4383]

6317.	[security]	Restore DNS64 state when handling a serve-stale timeout.
			(CVE-2023-5679) [GL #4334]

6316.	[security]	Specific queries could trigger an assertion check with
			nxdomain-redirect enabled. (CVE-2023-5517) [GL #4281]

6315.	[security]	Speed up parsing of DNS messages with many different
			names. (CVE-2023-4408) [GL #4234]

6314.	[bug]		Address race conditions in dns_tsigkey_find().
			[GL #4182]

6304.	[bug]		The wrong time was being used to determine what RRSIGs
			where to be generated when dnssec-policy was in use.
			[GL #4494]

6282.	[func]		Deprecate AES-based DNS cookies. [GL #4421]

Log message:
revbump for devel/abseil

Log message:
*/builtin.mk: Disable for cross-build if executes target program.

We can't run target programs during cross-build, so we either need to
disable builtin detection or find another way to detect the target
program's version.

No change to native builds because this just makes some existing
logic conditional on native builds.

Log message:
net/bind916: updte to 9.16.45

Note: B.ROOT-SERVERS.NET's addresses will be changed November 27, 2023.

9.16.45 (2023-11-15)

6269.	[maint]		B.ROOT-SERVERS.NET addresses are now 170.247.170.2 and
			2801:1b8:10::b. [GL #4101]

6254.	[cleanup]	Add semantic patch to do an explicit cast from char
			to unsigned char in ctype.h class of functions.
			[GL #4327]

6250.	[bug]		The wrong covered value was being set by
			dns_ncache_current for RRSIG records in the returned
			rdataset structure. This resulted in TYPE0 being
			reported as the covered value of the RRSIG when dumping
			the cache contents. [GL #4314]