Skip to content

solidtime

v0.12.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

laravel self-hosted time-tracker time-tracking timetracker timetracking
+2 more
timetrackingapp vue

Summary

AI summary

Cross-organization time-entry modification vulnerability fixed.

Full changelog

[!NOTE]
This release includes security fixes, please make sure to upgrade as soon as possible.

What's Changed

  • fix cross-organization modification of a known time-entry UUID thanks @pyuysig for the report
  • Prefill project name in create modal by @ShrootBuck in https://github.com/solidtime-io/solidtime/pull/1045
  • Added the ability to disable group similar time entries by @utlark in https://github.com/solidtime-io/solidtime/pull/1054

New Contributors

  • @ShrootBuck made their first contribution in https://github.com/solidtime-io/solidtime/pull/1045
  • @utlark made their first contribution in https://github.com/solidtime-io/solidtime/pull/1054

Full Changelog: https://github.com/solidtime-io/solidtime/compare/v0.12.0...v0.12.1

Security Fixes

  • Cross-organization modification of time-entry UUID (GHSA-pmf9-pxq9-ccwr)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track solidtime

Get notified when new releases ship.

Sign up free

About solidtime

Modern open-source time-tracking app

All releases →

Related context

Beta — feedback welcome: [email protected]