Traefik v3.7.3 released on 04-06-2026

Traefik v3.7.3 is out now. Operators running Traefik with Kubernetes or managing TLS should see targeted bug fixes and several dependency upgrades that merit testing.
Read the mandatory migration guide for v3.7 → v3.7.3 and the full release notes on Traefik’s documentation and GitHub for upgrade instructions and details: https://doc.traefik.io/traefik/v3.7/migrate/v3/#v373
What’s in this release
- TLS and core server behaviour fixes: resolved tlsOptions are computed after models are applied to avoid misconfiguration; snicheck behaviour moved to context from simulated routing; basic-auth now errors on empty user lists; several server-side dependency bumps.
- Kubernetes provider fixes and documentation updates: trimming quotes from proxy_set_header names, clearing Ssl-Client-* headers when no client certificate is present, avoiding ingress path matcher injection, escaping exact gRPC method matches in Gateway API, and exposing default Kubernetes client QPS/Burst settings; chart and CRD migration docs updated.
- Middleware, logging, dashboard and file provider polish: TCP router service resolution fixed in the dashboard flow diagram, access log improvements (escaping double quotes and optionally dropping query parameters), rejecting altered requests after StripPrefix/StripPrefixRegex normalisation, improved handling of dangling symlinks, plus documentation and housekeeping fixes.
Upgrade notes
- Mandatory migration: follow the v3.7 → v3.7.3 migration guide before upgrading — https://doc.traefik.io/traefik/v3.7/migrate/v3/#v373
- Dependency bumps may affect runtime or security; re-run integration and security tests after upgrading and keep your previous v3.7.x release available for rollback if needed.
Share any notes on your upgrade experience or unexpected behaviour so others can learn from your testing and rollouts.


