Tor Browser 13.0.12 is now available from the Tor Browser download page and also from our distribution directory.

This version includes important security updates to Firefox.

Removal of automatic .onion site prioritization

The Tor Project has recently been notified of a potential fingerprinting vulnerability with automatic Onion-Location redirects. In an abundance of caution, we have removed the 'prioritize .onion sites when known' option from Tor Browser. We are looking further into this issue and will provide timely updates as more research and additional recommendations become available.

Send us your feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know.

Full changelog

The full changelog since Tor Browser 13.0.11 is:

• All Platforms
  • Updated Snowflake to 2.9.2
  • Bug tor-browser#42376: The placeholder of datetime inputs keeps being localized when spoof English is on
  • Bug tor-browser#42378: spoof english + htmlform <details> can leak app language
  • Bug tor-browser#42444: Remove the "Prioritize .onion sites when known" option
  • Bug tor-browser#42448: Rebase Tor Browser stable onto Firefox 115.9.0esr
  • Bug tor-browser#42459: Add startpage onion service to list of search providers
  • Bug tor-browser-build#41105: Bump version of snowflake to v2.9.2
• Windows + macOS + Linux
  • Updated Firefox to 115.9.0esr
• Windows
  • Bug tor-browser#42377: Hidden fonts are automatically added to the allow list
• Android
  • Updated GeckoView to 115.9.0esr
  • Bug tor-browser#42407: TTP-03-010 WP3: Potential phishing
• Build System
  • All Platforms
    • Updated Go to 1.21.8
    • Bug tor-browser-build#41102: src archive does not match likely due to mismatched xz-utils version