Update docker.io/traefik Docker tag to v3.7.1
No problems whatsoever deploying to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot.
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| docker.io/traefik | minor | v3.6.13 → v3.7.1 |
Release Notes
traefik/traefik (docker.io/traefik)
v3.7.1
Important: Please read the migration guide.
CVE fixed:
- CVE-2026-44774 (Advisory GHSA-96qj-4jj5-wcjc)
Bug fixes:
- [k8s/ingress, k8s/crd, k8s/gatewayapi] Add CrossProviderNamespaces option (#13094 @rtribotte)
- [k8s/crd] Fix cross-provider ref check for Kubernetes CRD provider (#13121 @rtribotte)
v3.7.0
Enhancements:
- [k8s/ingress-nginx] Use a metamodel to generate dynamic configuration in ingress-nginx (#13062 @juliens)
- [k8s/ingress-nginx] Add limit-connections support (#13030 @amazon7737)
Bug fixes:
- [k8s/ingress-nginx] Fix SSL redirect behavior for ingress-nginx provider (#13028 @gndz07)
- [k8s/ingress-nginx] Do not require a port for ExternalName services (#13033 @kevinpollet)
- [k8s, k8s/ingress-nginx] Add regression test for ingress default backend without rules (#13066 @mmatur)
- [acme] Bump github.com/go-acme/lego/v4 to v4.35.1 (#13027 @ldez)
- [server] Bump github.com/vulcand/oxy to v2.1.0 (#13046 @ldez)
- [acme] Bump github.com/go-acme/lego/v4 to v4.35.2 (#13043 @ldez)
- [middleware] Add errorRequestHeaders option to Errors middleware (#13034 @gndz07)
Documentation:
- [k8s/ingress-nginx] Add ingress-nginx ConfigMap migration step (#12963 @sheddy-traefik)
- [k8s/ingress-nginx] Delete the coming soon section from the ingress-nginx documentation (#13037 @nmengin)
Misc:
v3.6.17
Important: Please read the migration guide.
CVE fixed:
- CVE-2026-44774 (Advisory GHSA-96qj-4jj5-wcjc)
Bug fixes:
- [k8s/ingress, k8s/crd, k8s/gatewayapi] Add CrossProviderNamespaces option (#13094 @rtribotte)
- [k8s/crd] Fix cross-provider ref check for Kubernetes CRD provider (#13121 @rtribotte)
v3.6.16
Important: Please read the migration guide.
Bug fixes:
- [k8s/crd] Remove cross-provider sanitization for Kubernetes service loading (#13087 @rtribotte)
- [k8s/ingress-nginx] Fix typo in default CORS allowed headers (#13088 @mliang2)
- [logs, metrics, tracing] Bump go.opentelemetry.io/otel (#13100 @juliens)
- [docker, ecs] Migrate to github.com/moby/moby modules (#12672 @thaJeztah)
- [docker, ecs] Migrate to github.com/moby/moby modules (#13053 @mmatur)
v3.6.15
Bug fixes:
- [acme] Bump github.com/go-acme/lego/v4 to v4.35.2 (#13043 @ldez)
- [acme] Bump github.com/go-acme/lego/v4 to v4.35.1 (#13027 @ldez)
- [middleware] Add errorRequestHeaders option to Errors middleware (#13034 @gndz07)
- [k8s/ingress-nginx] Do not require a port for ExternalName services (#13033 @kevinpollet)
- [server] Bump github.com/vulcand/oxy to v2.1.0 (#13046 @ldez)
Misc:
v3.6.14
Bug fixes:
- [acme] Bump github.com/go-acme/lego/v4 to v4.34.0 (#12993 @ldez)
- [docker] Downgrade log level for missing container on inspect (#12900 @Otoru)
- [sticky-session, k8s/crd] Make SameSite cookie value case-insensitive (#12922 @murataslan1)
- [k8s/crd, k8s] Honor allowCrossNamespace with chain middleware CRD (#12976 @rtribotte)
- [middleware] Remove untrusted X headers with underscores (#12961 @rtribotte)
- [middleware] Sanitize the request URL after stripping the prefix (#12990 @kevinpollet)
- [middleware] Deprecate ForwardAuth.TrustForwardHeader option (#13012 @kevinpollet)
- [middleware, authentication] Remove map lookup making the basic auth notFoundSecret empty (#12960 @rtribotte)
- [middleware, authentication] Fix trustForwardHeader on forward auth middleware (#12994 @juliens)
- [middleware, authentication] Cleanup and make ForwardAuth logs consistent (#13013 @kevinpollet)
- [webui] Upgrade form-data to 2.5.4, 3.0.4, 4.0.4 (#12958 @orbisai0security)
Documentation:
- [k8s] Fix yaml indentation (#12957 @isayme)
- [k8s] Clarify install config watchNamespace watches only one namespace (#12962 @parkerfath)
- [k8s/crd] Update ingressroute.md (#12916 @Rajakavitha1)
- Reverse versions order in migration guide (#12959 @nmengin)
- Update vulnerability submission guidelines (#12968 @emilevauge)
