Bind9 security upgrade

[bob prohaska]

What's the appropriate port of bind for use at present?
It appears 9.16.1 is subject to a DOS attack, to which I 
seem to have fallen victim:
https://kb.isc.org/docs/cve-2020-8617

There's a port called bind9.16.11, which is compiling now,
but it's unclear if that's adequately patched. The CVE 
calls for 9.16.3 as the fixed version. 

Thanks for reading!

bob prohaska