This package provides the certificates distributed by the Mozilla Project, with the exception of any certificates not globally trusted. It also provides a script, mozilla-rootcerts, which can be used to install the root CA certificates distributed by the Mozilla Project into a location that makes them usable by TLS implementations, extract them to the current working directory, or rehash the existing certificates. NB: This package provides certificates, but does not as a consequence of installation place them in a location that makes them immediately usable by SSL/TLS implementations. Use the 'mozilla-rootcerts install' script or mozilla-rootcerts-openssl package if you want to use these certificates. This package includes instructions for configuring gnupg2 to use the certificates.
Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.