update to nsd 4.1.23, from the release notes:

------------------------------------------------------------------------
NSD versions 4.1.22 and before are vulnerable in comparing TSIG
information and this can be used to discover a TSIG secret.

NSD uses TSIG to protect zone transfers.  The TSIG code uses a secret
key to protect the data.  The secret key is shared with both sides of
the zone transfer connection.  The comparison code in NSD was not time
insensitive, causing the potential for an attacker to use timing
information to discover data about the key contents.

NSD versions from 2.2.0 to 4.1.22 are vulnerable.  Upgrade to 4.1.23 or
newer to get the fix.

It was reported by Ondrej Sury (ISC).
------------------------------------------------------------------------

OK tb, sthen

1 files changed, 1 insertions, 1 deletions

diff --git a/usr.sbin/nsd/configure.ac b/usr.sbin/nsd/configure.ac
index 4c6772a47bd..c17501cb5a0 100644
--- a/usr.sbin/nsd/configure.ac
+++ b/usr.sbin/nsd/configure.ac
@@ -4,7 +4,7 @@ dnl
 
 sinclude(acx_nlnetlabs.m4)
 
-AC_INIT(NSD,4.1.22,nsd-bugs@nlnetlabs.nl)
+AC_INIT(NSD,4.1.23,nsd-bugs@nlnetlabs.nl)
 AC_CONFIG_HEADER([config.h])
 
 CFLAGS="$CFLAGS"