---
- branch: MAIN
  date: Mon Aug 17 06:58:32 UTC 2020
  files:
  - new: '1.26'
    old: '1.25'
    path: pkgsrc/security/tor-browser/distinfo
    pathrev: pkgsrc/security/tor-browser/distinfo@1.26
    type: modified
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_lib.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_lib.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_device.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_device.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_fd.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_fd.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_mod.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_mod.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_monitor.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_monitor.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_transaction.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_transaction.rs@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_uhid.rs
    pathrev: pkgsrc/security/tor-browser/patches/patch-dom_webauthn_u2f-hid-rs_src_netbsd_uhid.rs@1.1
    type: added
  id: 20200817T065832Z.dd91a9165f89b36e1b2efc7339c9f6758c18d598
  log: |
    security/tor-browser: Add U2F support to NetBSD.

    The webauthn API is disabled by default in the Tor Browser:

    https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26614

    In order to use it, risking the consequences since the Tor Project
    has not audited its anonymity properties, you have to explicitly
    enable security.webauthn.webauthn=true in about:config.

    So if you definitely want to log into a web site using U2F in spite
    of that, with location privacy but not anonymity, then these patches
    now enable it to work on NetBSD (with the caveat that enabling
    security.webauthn.webauthn=true applies also to any web site that
    tries to use the webauthn API, not just the ones you want to log
    into).
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/tor-browser'
  unixtime: '1597647512'
  user: riastradh