Traefik | v3.7.5

Traefik v3.7.5 released on 10-06-2026


Traefik v3.7.5 is out now. It fixes several Kubernetes provider and TLS edge cases, enforces Gateway API validation for unsafe cross-provider references, and bumps the PROXY protocol library for improved server behaviour.

See the project’s GitHub release page for full notes, pull requests and download assets.

What’s in this release

  • k8s/ingress-nginx provider fixes: skip an Ingress when auth-secret resolution fails (prevents broken Ingresses causing routing errors) and pass EndpointSlice fencing to the ingress-nginx provider (fixes endpoint discovery/selection).
  • Gateway API validation: Traefik now rejects cross-provider backendRefs that use backendRefs.namespace to reference backends in a different provider, preventing unsafe or invalid cross-provider routing.
  • Server dependency bump: github.com/pires/go-proxyproto upgraded to v0.12.0 — users relying on PROXY protocol should upgrade to pick up the updated library behaviour.
  • TLS/router matching fixes: routers that share the same host but use different TLS options on different entryPoints are handled correctly, and SNICheck has been fixed for routers that declare no hosts.

Upgrade notes

  • Gateway API now rejects cross-provider backendRefs.namespace — avoid cross-provider backendRefs; no other configuration changes are required to adopt v3.7.5.
  • If you rely on PROXY protocol, upgrade to v3.7.5 to pick up go-proxyproto v0.12.0 fixes; revert to your previous Traefik version if you need to roll back.

Try v3.7.5 and share any observations or regressions you run into on the project’s GitHub — community feedback helps catch edge cases quickly.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes