package/unbound: security bump to version 1.21.0

Fixes the following security issue:

- CVE-2024-43167: A NULL pointer dereference flaw was found in the
  ub_ctx_set_fwd function in Unbound.  This issue could allow an attacker
  who can invoke specific sequences of API calls to cause a segmentation
  fault

See announcement:
https://nlnetlabs.nl/news/2024/Aug/15/unbound-1.21.0-released/

See also change log:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-21-0

This commit also updates the _SITE url from [1] to [2], to follow the
HTTP redirect, and the url published on the download page [3].

Finally, this commit adds a comment in the hash file that the PGP
signature was checked.

[1] https://www.unbound.net/downloads
[2] https://nlnetlabs.nl/downloads/unbound
[3] https://nlnetlabs.nl/projects/unbound/download

Signed-off-by: Julien Olivain <ju.o@free.fr>
[Peter: Mark as security bump, add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Julien Olivain 11 months ago
parent
commit
ed34c4c77b
2 changed files with 7 additions and 4 deletions
  1. package/unbound/unbound.hash (+5 -2)
  2. package/unbound/unbound.mk (+2 -2)

+ 5 - 2
package/unbound/unbound.hash

@@ -1,5 +1,8 @@
-# From https://nlnetlabs.nl/downloads/unbound/unbound-1.20.0.tar.gz.sha256
-sha256  56b4ceed33639522000fd96775576ddf8782bb3617610715d7f1e777c5ec1dbf  unbound-1.20.0.tar.gz
+# From https://nlnetlabs.nl/downloads/unbound/unbound-1.21.0.tar.gz.sha256
+# After checking pgp signature from:
+# https://nlnetlabs.nl/downloads/unbound/unbound-1.21.0.tar.gz.asc
+# with key: EDFAA3F2CA4E6EB05681AF8E9F6F1C2D7E045F8D
+sha256  e7dca7d6b0f81bdfa6fa64ebf1053b5a999a5ae9278a87ef182425067ea14521  unbound-1.21.0.tar.gz
 
 # Locally calculated
 sha256  8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE
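
Review bot: The `+# with key:` line records only a bare fingerprint, with no indication of whose key it is or where it was obtained, so whoever does the next bump cannot tell whether they are verifying against the same trusted key. Add the key's published source (and owner) next to the fingerprint. This matters more than usual here because the `.sha256` file named in the first comment is served from the same host as the tarball, so the signature check is the only verification in this hunk that does not depend on that server being intact.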

+ 2 - 2
package/unbound/unbound.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-UNBOUND_VERSION = 1.20.0
-UNBOUND_SITE = https://www.unbound.net/downloads
+UNBOUND_VERSION = 1.21.0
+UNBOUND_SITE = https://nlnetlabs.nl/downloads/unbound
 UNBOUND_INSTALL_STAGING = YES
 UNBOUND_DEPENDENCIES = host-pkgconf expat libevent openssl
 UNBOUND_LICENSE = BSD-3-Clause
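
Review bot: The `UNBOUND_SITE` change is unrelated to the CVE fix but rides along in the same commit as the `UNBOUND_VERSION` bump; splitting it into its own commit would keep the security bump minimal and easier to cherry-pick on its own. The new value itself is consistent with the rest of the change: it matches the `https://nlnetlabs.nl/downloads/unbound/` prefix used by the `.sha256` and `.asc` URLs in unbound.hash, so the tarball, hash and signature all resolve from the same location without relying on a redirect.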