Tor Browser Bundle 9.0.5 Is Released And You Should Upgrade To It
The latest version of the Tor Browser bundle has Firefox 68.5.0esr with NoScript 11.0.13 and version 0.4.2.6 of the underlying Tor client used to connect to the Tor anonymity network. There are several security issues with Firefox 68.4.1esr which the previous Tor browser bundle 9.0.4 uses. Those using the Tor browser bundle to browser the web using the Tor anonymity network should upgrade.
written by 林慧 (Wai Lin). published 2020-02-14 - last edited 2020-02-14
There are some memory safety issues and other security issues in Firefox 68.4.1esr as well as Firefox 72. The latest Tor Browser bundle addresses this by upgrading the included Firefox version to 68.5esr. The bundled NoScript extension is also updated and so is the included Tor client is updated to version 0.4.2.6.
Most Linux distributions have the Tor client available in their repositories which means that you could ignore the Tor Browser bundle and point a regular Firefox version or even Chromium at it. That is actually not advisable. The Firefox ESR version in the Tor browser bundle is more than plain Firefox with some extensions, there are quite a lot of Tor-specific security-enhancing changes to it.
The latest Tor Browser Bundle can be acquired from torproject.org/download. See "Using The Tor Browser With A Local Tor Client if you prefer to use the Tor Browser with a Tor client system service instead of the bundled one (which is started automatically along with the Tor Browser in its default configuration).