Traefik | v3.6.14

Traefik v3.6.14 released on 22-04-2026


Traefik v3.6.14 is out now. It delivers bug fixes, middleware and authentication improvements, tightened Kubernetes/CRD behaviour and dependency/security updates — important for operators using ACME and CRDs.

Read the v3.6→v3.6.14 migration guidance linked in the release before upgrading and check the project’s GitHub release or official docs for the full details.

What’s in this release

  • Bumps github.com/go-acme/lego/v4 to v4.34.0 and upgrades web UI form-data packages to address ACME-related issues and known vulnerabilities.
  • Middleware and authentication fixes: SameSite cookie parsing is now case-insensitive for sticky sessions and CRD usage; unsafe X- headers containing underscores are stripped; request URLs are sanitised after prefix stripping; ForwardAuth.TrustForwardHeader handling and logging have been standardised.
  • Kubernetes/CRD and Docker corrections: chain middleware CRDs now honour allowCrossNamespace; Docker provider lowers the log level when a container is missing on inspect; documentation and migration-guide ordering clarified.

Upgrade notes

  • ForwardAuth.TrustForwardHeader is deprecated — follow the migration guidance linked in the release for required changes before upgrading.
  • If you need to roll back, revert to the previous v3.6.x release and consult the migration guide for compatibility notes.

Share your experience with the upgrade or report any issues on the project’s GitHub so others can benefit.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes