equinoxe[nb9-amd64]:~> cd /p/netbsd/cvs/pkgsrc/security/ca-certificates/ 0 /p/netbsd/cvs/pkgsrc/security/ca-certificates equinoxe[nb9-amd64]:...security/ca-certificates> make => Bootstrap dependency digest>=20211023: found digest-20220214 => Checksum BLAKE2s OK for ca-certificates_20211016.tar.xz => Checksum SHA512 OK for ca-certificates_20211016.tar.xz ===> Installing dependencies for ca-certificates-20211016nb3 ========================================================================== The following variables will affect the build process of this package, ca-certificates-20211016nb3. Their current value is shown below: * PYTHON_VERSION_DEFAULT = 39 Based on these variables, the following variables have been set: * PYPACKAGE = python39 You may want to abort the process now with CTRL-C and change the value of variables in the first group before continuing. Be sure to run `/usr/bin/make clean' after the changes. ========================================================================== => Tool dependency cwrappers>=20150314: found cwrappers-20220403 => Tool dependency checkperms>=1.1: found checkperms-1.12 => Build dependency py39-cryptography-[0-9]*: found py39-cryptography-3.3.2nb1 => Build dependency python39>=3.9.0: found python39-3.9.13 ===> Checking for vulnerabilities in ca-certificates-20211016nb3 ===> Overriding tools for ca-certificates-20211016nb3 ===> Extracting for ca-certificates-20211016nb3 mv -f /tmp/kim/pkgsrc/security/ca-certificates/work/work /tmp/kim/pkgsrc/security/ca-certificates/work/ca-certificates-20211016 ===> Patching for ca-certificates-20211016nb3 => Applying pkgsrc patches for ca-certificates-20211016nb3 => Verifying /p/netbsd/cvs/pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates => Applying pkgsrc patch /p/netbsd/cvs/pkgsrc/security/ca-certificates/patches/patch-sbin_update-ca-certificates Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |$NetBSD: patch-sbin_update-ca-certificates,v 1.2 2022/06/12 07:05:30 kim Exp $ | |--- sbin/update-ca-certificates.orig 2021-10-16 16:09:43.000000000 +0000 |+++ sbin/update-ca-certificates 2022-06-12 16:09:43.000000000 +0000 -------------------------- Patching file sbin/update-ca-certificates using Plan A... Hunk #1 succeeded at 28. Hunk #2 succeeded at 80. Hunk #3 succeeded at 116. done ===> Creating toolchain wrappers for ca-certificates-20211016nb3 ===> Building for ca-certificates-20211016nb3 --- all --- for dir in mozilla; do /usr/bin/make -C $dir all; done --- all --- python3 certdata2pem.py Ignoring certificate "Verisign Class 1 Public Primary Certification Authority - G3". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Verisign Class 2 Public Primary Certification Authority - G3". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Certum Root CA". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Camerfirma Chambers of Commerce Root". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Camerfirma Global Chambersign Root". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Certificate "DST Root CA X3" blacklisted, ignoring. Ignoring certificate "SwissSign Platinum CA - G2". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "OISTE WISeKey Global Root GA CA". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Chambers of Commerce Root - 2008". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Global Chambersign Root - 2008". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Certificate "Explicitly Distrust DigiNotar Root CA" blacklisted, ignoring. Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" blacklisted, ignoring. Certificate "MITM subCA 1 issued by Trustwave" blacklisted, ignoring. Certificate "MITM subCA 2 issued by Trustwave" blacklisted, ignoring. Certificate "TURKTRUST Mis-issued Intermediate CA 1" blacklisted, ignoring. Certificate "TURKTRUST Mis-issued Intermediate CA 2" blacklisted, ignoring. Ignoring certificate "Staat der Nederlanden Root CA - G3". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Symantec Class 1 Public Primary Certification Authority - G6". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "Symantec Class 2 Public Primary Certification Authority - G6". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "D-TRUST Root CA 3 2013". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "GlobalSign Secure Mail Root R45". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR Ignoring certificate "GlobalSign Secure Mail Root E45". SAUTH=CKT_NSS_MUST_VERIFY_TRUST, EPROT=CKT_NSS_TRUSTED_DELEGATOR !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Trusted but expired certificate found: "GlobalSign Root CA - R2" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Trusted but expired certificate found: "Cybertrust Global Root" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! => Adjusting configuration file. => Replacing hard-coded paths. equinoxe[nb9-amd64]:...security/ca-certificates>