[German]Short addendum for users of the Tor bundle. The developers have already released version 9.0.7 on March 20, 2020, which contains the JavaScirpt vulnerability.
I hadn’t realized it, but my Tor installation had been updated to version 9.0.7 for days. The change log for the Tor Browser 9.0.6 shows the following changes.
* All Platforms
* Bump NoScript to 11.0.19
* Windows + OS X + Linux
* Bump Tor to 0.4.2.7
Otherwise, more details can be found in the article on Bleeping Computer.