This update for pdns-recursor fixes the following issues:

pdns-recursor was updated to 4.6.6:

* fixes deterred spoofing attempts can lead to authoritative
  servers being marked unavailable (boo#1209897, CVE-2023-26437)

Fixes in 4.6.5:

* When an expired NSEC3 entry is seen, move it to the front
  of the expiry queue
* Log invalid RPZ content when obtained via IXFR
* Detect invalid bytes in makeBytesFromHex()
* Timeout handling for IXFRs as a client

Fixes in 4.6.4:

* Check qperq limit if throttling happened, as it increases counters
* Failure to retrieve DNSKEYs of an Insecure zone should not be fatal
* Resize answer length to actual received length in udpQueryResponse