diff --git a/dns/bind918/Makefile b/dns/bind918/Makefile
index e25d62f9cfa5..3778ae838135 100644
--- a/dns/bind918/Makefile
+++ b/dns/bind918/Makefile
@@ -1,232 +1,232 @@
 # pkg-help formatted with fmt 59 63
 
 PORTNAME=	bind
 PORTVERSION=	${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
 .if defined(BIND_TOOLS_SLAVE)
 # dns/bind-tools here
 PORTREVISION=	0
 .else
 # dns/bind918 here
 PORTREVISION=	0
 .endif
 CATEGORIES=	dns net
 MASTER_SITES=	ISC/bind9/${ISCVERSION}
 .if defined(BIND_TOOLS_SLAVE)
 PKGNAMESUFFIX=	-tools
 .else
 PKGNAMESUFFIX=	918
 .endif
 DISTNAME=	${PORTNAME}-${ISCVERSION}
 
 MAINTAINER=	mat@FreeBSD.org
 .if defined(BIND_TOOLS_SLAVE)
 COMMENT=	Command line tools from BIND: delv, dig, host, nslookup...
 .else
 COMMENT=	BIND DNS suite with updated DNSSEC and DNS64
 .endif
 
 # Uncomment when bind920 comes of age. +3 years if ESV, +1year otherwise, see
 # https://kb.isc.org/docs/aa-00896
 # DEPRECATED=	End of life, please migrate to a newer version of BIND9
 # EXPIRATION_DATE=	2023-12-31
 
 LICENSE=	MPL20
 LICENSE_FILE=	${WRKSRC}/COPYRIGHT
 
 LIB_DEPENDS=	libuv.so:devel/libuv \
 		libnghttp2.so:www/libnghttp2 \
 		libxml2.so:textproc/libxml2
 
 .if !defined(BIND_TOOLS_SLAVE)
 RUN_DEPENDS=	bind-tools>0:dns/bind-tools
 .endif
 
 USES=		autoreconf compiler:c11 cpe libedit libtool pkgconfig ssl tar:xz
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.18.0
+ISCVERSION=	9.18.1
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
 .if ${ISCVERSION:M*-*}
 CPE_UPDATE=	${ISCVERSION:C/.*-//:tl}
 .endif
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--disable-linux-caps \
 		--localstatedir=/var \
 		--sysconfdir=${ETCDIR} \
 		--with-dlopen=yes \
 		--with-libxml2 \
 		--with-openssl=${OPENSSLBASE} \
 		--enable-dnsrps \
 		--with-readline=libedit
 CONFIGURE_ENV=	READLINE_CFLAGS="-L${LOCALBASE}/lib"
 ETCDIR=		${PREFIX}/etc/namedb
 
 .if defined(BIND_TOOLS_SLAVE)
 EXTRA_PATCHES=		${PATCHDIR}/extrapatch-bind-tools
 CONFIGURE_ARGS+=	--libdir=${PREFIX}/lib/bind-tools
 .else
 USE_RC_SUBR=		named
 SUB_FILES=		named.conf pkg-message
 EXTRA_PATCHES=		${PATCHDIR}/extrapatch-no-bind-tools
 
 PORTDOCS=	*
 
 CONFLICTS=	bind911 bind916 bind9-devel
 .endif	# BIND_TOOLS_SLAVE
 
 MAKE_JOBS_UNSAFE=	yes
 
 OPTIONS_DEFAULT=	GSSAPI_NONE IDN JSON LMDB MANPAGES \
 			TCP_FASTOPEN DNSTAP
 OPTIONS_DEFINE=		DNSTAP DOCS FIXED_RRSET GEOIP IDN JSON LARGE_FILE LMDB \
 			MANPAGES OVERRIDECACHE PORTREVISION QUERYTRACE \
 			START_LATE TCP_FASTOPEN
 
 OPTIONS_SINGLE=		GSSAPI
 OPTIONS_SINGLE_GSSAPI=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
 
 .if defined(BIND_TOOLS_SLAVE)
 OPTIONS_EXCLUDE=	DNSTAP DOCS GEOIP LMDB \
 			OVERRIDECACHE PORTREVISION QUERYTRACE START_LATE \
 			TCP_FASTOPEN
 .endif	# BIND_TOOLS_SLAVE
 
 OPTIONS_SUB=	yes
 
 DNSTAP_DESC=		Provides fast passive logging of DNS messages
 FIXED_RRSET_DESC=	Enable fixed rrset ordering
 GSSAPI_BASE_DESC=	Using Heimdal in base
 GSSAPI_HEIMDAL_DESC=	Using security/heimdal
 GSSAPI_MIT_DESC=	Using security/krb5
 GSSAPI_NONE_DESC=	Disable
 LARGE_FILE_DESC=	64-bit file support
 LMDB_DESC=		Use LMDB for zone management
 OVERRIDECACHE_DESC=	Use the override-cache patch
 PORTREVISION_DESC=	Show PORTREVISION in the version string
 QUERYTRACE_DESC=	Enable the very verbose query tracelogging
 START_LATE_DESC=	Start BIND late in the boot process (see help)
 TCP_FASTOPEN_DESC=	RFC 7413 support
 
 DOCS_ALL_TARGET=	all html
 DOCS_BUILD_DEPENDS=	sphinx-build:textproc/py-sphinx \
 			${PYTHON_PKGNAMEPREFIX}sphinx_rtd_theme>0:textproc/py-sphinx_rtd_theme@${PY_FLAVOR}
 DOCS_USES=	python:env
 
 DNSTAP_CONFIGURE_ENABLE=	dnstap
 DNSTAP_LIB_DEPENDS=		libfstrm.so:devel/fstrm \
 				libprotobuf-c.so:devel/protobuf-c
 
 FIXED_RRSET_CONFIGURE_ENABLE=	fixed-rrset
 
 GEOIP_CONFIGURE_ENABLE=	geoip
 GEOIP_CONFIGURE_WITH=	maxminddb
 GEOIP_LIB_DEPENDS=	libmaxminddb.so:net/libmaxminddb
 
 GSSAPI_BASE_CONFIGURE_ON=	--with-gssapi="${KRB5CONFIG}" \
 				${GSSAPI_CONFIGURE_ARGS}
 GSSAPI_BASE_USES=		gssapi
 
 GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-gssapi="${KRB5CONFIG}" \
 				${GSSAPI_CONFIGURE_ARGS}
 GSSAPI_HEIMDAL_USES=		gssapi:heimdal
 
 GSSAPI_MIT_CONFIGURE_ON=	--with-gssapi="${KRB5CONFIG}" \
 				${GSSAPI_CONFIGURE_ARGS}
 GSSAPI_MIT_USES=		gssapi:mit
 
 GSSAPI_NONE_CONFIGURE_ON=	--without-gssapi
 
 IDN_CONFIGURE_OFF=	--without-libidn2
 IDN_CONFIGURE_ON=	${ICONV_CONFIGURE_BASE} \
 			--with-libidn2=${LOCALBASE}
 IDN_LIB_DEPENDS=	libidn2.so:dns/libidn2
 IDN_USES=		iconv
 
 JSON_CONFIGURE_WITH=	json-c
 JSON_LIB_DEPENDS=	libjson-c.so:devel/json-c
 JSON_LDFLAGS=		-L${LOCALBASE}/lib -ljson-c
 
 LARGE_FILE_CONFIGURE_ENABLE=	largefile
 
 LMDB_CONFIGURE_WITH=	lmdb=${LOCALBASE}
 LMDB_LIB_DEPENDS=	liblmdb.so:databases/lmdb
 
 MANPAGES_BUILD_DEPENDS=	sphinx-build:textproc/py-sphinx
 
 OVERRIDECACHE_EXTRA_PATCHES=	${FILESDIR}/extrapatch-bind-min-override-ttl
 
 QUERYTRACE_CONFIGURE_ENABLE=	querytrace
 
 START_LATE_SUB_LIST=		NAMED_BEFORE="LOGIN" \
 				NAMED_REQUIRE="SERVERS cleanvar"
 START_LATE_SUB_LIST_OFF=	NAMED_BEFORE="SERVERS" \
 				NAMED_REQUIRE="NETWORKING ldconfig syslogd"
 
 TCP_FASTOPEN_CONFIGURE_ENABLE=	tcp-fastopen
 
 .include <bsd.port.options.mk>
 
 .if defined(WITH_DEBUG)
 CONFIGURE_ARGS+=	--enable-developer \
 			--enable-symtable
 USES+=			perl5
 USE_PERL5=		build
 BUILD_DEPENDS+=		cmocka>0:sysutils/cmocka
 .endif
 
 .include <bsd.port.pre.mk>
 
 .if ${SSL_DEFAULT} == base
 SUB_LIST+=	ENGINES=/usr/lib/engines
 .else
 SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
 .endif
 
 post-patch:
 .for FILE in check/named-checkconf.rst named/named.rst nsupdate/nsupdate.rst \
 	rndc/rndc.rst
 	@${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \
 		-e 's#/etc/rndc.conf#${ETCDIR}/rndc.conf#g' \
 		-e "s#/var\/run\/named\/named.pid#/var/run/named/pid#" \
 		${WRKSRC}/bin/${FILE}
 .endfor
 
 .if !defined(BIND_TOOLS_SLAVE)
 .  if ${PORTREVISION:N0}
 post-patch-PORTREVISION-on:
 	@${REINPLACE_CMD} '/^m4_define.*bind_VERSION_EXTRA/s#)#_${PORTREVISION})#' \
 		${WRKSRC}/configure.ac
 .  endif
 
 post-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
 	${MKDIR} ${STAGEDIR}${ETCDIR}
 .  for i in dynamic primary secondary working
 	@${MKDIR} ${STAGEDIR}${ETCDIR}/$i
 .  endfor
 	${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample
 	${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR}
 	${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/primary
 	${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${STAGEDIR}${ETCDIR}/primary
 	${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/primary
 	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.dist.sample
 	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.local.dist.sample
 
 post-install-DOCS-on:
 	${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
 	${INSTALL_DATA} ${WRKSRC}/CHANGES* \
 		${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
 	cd ${WRKSRC}/doc/arm/_build/html && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}/arm
 .else
 
 do-install:
 	for dir in bin lib doc/man; do \
 		(cd ${INSTALL_WRKSRC}/$$dir && ${SETENV} ${MAKE_ENV} ${FAKEROOT} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} ${INSTALL_TARGET}) ; \
 	done
 	@${RM} -r ${STAGEDIR}${PREFIX}/include
 
 .endif	# BIND_TOOLS_SLAVE
 
 .include <bsd.port.post.mk>
diff --git a/dns/bind918/distinfo b/dns/bind918/distinfo
index c269b36ae275..abf3548ad733 100644
--- a/dns/bind918/distinfo
+++ b/dns/bind918/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1644500257
-SHA256 (bind-9.18.0.tar.xz) = 56525bf5caf01fd8fd9d90910880cc0f8a90a27a97d169187d651d4ecf0c411c
-SIZE (bind-9.18.0.tar.xz) = 5292320
+TIMESTAMP = 1648135372
+SHA256 (bind-9.18.1.tar.xz) = 57c7afd871694d615cb4defb1c1bd6ed023350943d7458414db8d493ef560427
+SIZE (bind-9.18.1.tar.xz) = 5059456
diff --git a/dns/bind918/files/extrapatch-bind-min-override-ttl b/dns/bind918/files/extrapatch-bind-min-override-ttl
index e9dd87270a1e..f70f5794c603 100644
--- a/dns/bind918/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind918/files/extrapatch-bind-min-override-ttl
@@ -1,61 +1,61 @@
 Add the override-cache-ttl feature.
 
---- bin/named/config.c.orig	2022-01-24 08:28:57 UTC
+--- bin/named/config.c.orig	2022-03-07 08:05:16 UTC
 +++ bin/named/config.c
 @@ -172,6 +172,7 @@ options {\n\
  	notify-source *;\n\
  	notify-source-v6 *;\n\
  	nsec3-test-zone no;\n\
 +	override-cache-ttl 0; /* do not override */\n\
  	parental-source *;\n\
  	parental-source-v6 *;\n\
  	provide-ixfr true;\n\
---- bin/named/server.c.orig	2022-01-24 08:28:57 UTC
+--- bin/named/server.c.orig	2022-03-07 08:05:16 UTC
 +++ bin/named/server.c
-@@ -4482,6 +4482,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
+@@ -4496,6 +4496,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
  	}
  
  	obj = NULL;
 +	result = named_config_get(maps, "override-cache-ttl", &obj);
 +	INSIST(result == ISC_R_SUCCESS);
 +	view->overridecachettl = cfg_obj_asduration(obj);
 +
 +	obj = NULL;
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asduration(obj);
---- lib/dns/include/dns/view.h.orig	2022-01-24 08:28:57 UTC
+--- lib/dns/include/dns/view.h.orig	2022-03-07 08:05:16 UTC
 +++ lib/dns/include/dns/view.h
 @@ -155,6 +155,7 @@ struct dns_view {
  	bool		      requestnsid;
  	bool		      sendcookie;
  	dns_ttl_t	      maxcachettl;
 +	dns_ttl_t	      overridecachettl;
  	dns_ttl_t	      maxncachettl;
  	dns_ttl_t	      mincachettl;
  	dns_ttl_t	      minncachettl;
---- lib/dns/resolver.c.orig	2022-01-24 08:28:57 UTC
+--- lib/dns/resolver.c.orig	2022-03-07 08:05:16 UTC
 +++ lib/dns/resolver.c
-@@ -6119,6 +6119,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
+@@ -6130,6 +6130,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
  		}
  
  		/*
 +		 * Enforce the configure cache TTL override.
 +		 */
 +                if (res->view->overridecachettl)
 +                        rdataset->ttl = res->view->overridecachettl;
 +
 +		/*
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2022-01-24 08:28:57 UTC
+--- lib/isccfg/namedconf.c.orig	2022-03-07 08:05:16 UTC
 +++ lib/isccfg/namedconf.c
-@@ -2086,6 +2086,7 @@ static cfg_clausedef_t view_clauses[] = {
+@@ -2091,6 +2091,7 @@ static cfg_clausedef_t view_clauses[] = {
  #endif /* ifdef HAVE_LMDB */
  	{ "max-acache-size", NULL, CFG_CLAUSEFLAG_ANCIENT },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
 +	{ "override-cache-ttl", &cfg_type_duration, 0 },
  	{ "max-cache-ttl", &cfg_type_duration, 0 },
  	{ "max-clients-per-query", &cfg_type_uint32, 0 },
  	{ "max-ncache-ttl", &cfg_type_duration, 0 },
diff --git a/dns/bind918/files/patch-configure.ac b/dns/bind918/files/patch-configure.ac
index 7ca1502ec151..a5d7ab563b46 100644
--- a/dns/bind918/files/patch-configure.ac
+++ b/dns/bind918/files/patch-configure.ac
@@ -1,13 +1,13 @@
 automake has warnings, it is ok here.
 
---- configure.ac.orig	2022-01-24 20:06:11 UTC
+--- configure.ac.orig	2022-03-07 08:05:16 UTC
 +++ configure.ac
 @@ -48,7 +48,7 @@ AC_CANONICAL_HOST
  AC_CANONICAL_TARGET
  
  AC_CONFIG_SRCDIR([bin/named/main.c])
--AM_INIT_AUTOMAKE([1.9 tar-pax foreign subdir-objects dist-xz no-dist-gzip -Wall -Werror])
-+AM_INIT_AUTOMAKE([1.9 tar-pax foreign subdir-objects dist-xz no-dist-gzip -Wall])
+-AM_INIT_AUTOMAKE([1.14 tar-pax foreign subdir-objects dist-xz no-dist-gzip -Wall -Werror])
++AM_INIT_AUTOMAKE([1.14 tar-pax foreign subdir-objects dist-xz no-dist-gzip -Wall])
  AM_SILENT_RULES([yes])
  AM_EXTRA_RECURSIVE_TARGETS([test unit doc])