New Release: Tor Browser 9.5a8

by sysrqb | March 12, 2020

Tor Browser 9.5a8 is now available from the Tor Browser Alpha download page and also from our distribution directory.

This release features important security updates to Firefox.

Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

This release updates Firefox to 68.6.0esr and NoScript to 11.0.15.

Note: We were made aware of a bug that allows javascript execution on the Safest security level (in some situations). We are working on a fix for this. If you require that javascript is blocked, then you may completely disable it by:

  • Open about:config
  • Search for: javascript.enabled
  • If the "Value" column says "false", then javascript is already disabled.
  • If the "Value" column says "true", then either right-click and select "Toggle" such that it is now disabled or double-click on the row and it will be disabled.

Update: Noscript 11.0.17 should solve this issue. Automatic updates of Noscript are enabled by default, so you should get this fix automatically.

If your Tor Browser Alpha installation did not upgrade to version 9.5a7 and your current installation does not start successfully, then please see the 9.5a7 blog post for solutions.

The full changelog since Tor Browser 9.5a7 is:

  • All Platforms
    • Update Firefox to 68.6.0esr
    • Bump NoScript to 11.0.15
      • Bug 33430: Disable downloadable fonts on Safest security level
    • Translations update
  • Windows + OS X + Linux
    • Update Tor Launcher to
      • Translations update
  • Build System
    • Windows
      • Bug 33535: Patch openssl to use SOURCE_DATE_EPOCH for copyright year


Please note that the comment area below has been archived.

March 15, 2020


I checked the downloadable fonts, they are still active, the gfx and woff2.Am i looking the right option?

March 20, 2020


Got some NoScript XSS Warnings when browsing, for that of an error.

Any fix being offered here?