New
v3.6.4
CVE's fixed:
- CVE-2025-66490 (Advisory GHSA-gm3x-23wp-hc2c): Breaking Change please read the migration guide.
- CVE-2025-66491 (Advisory GHSA-7vww-mvcr-x6vj)
Important: Please read the migration guide.
Bug fixes:
- [server] Reject suspicious encoded characters (#12360 by rtribotte)
- [plugins] Validate plugin module name (#12291 by kevinpollet)
- [http3] Bump github.com/quic-go/quic-go to v0.57.1 (#12319 by GreyXor)
- [http3] Bump github.com/quic-go/quic-go to v0.57.0 (#12308 by GreyXor)
- [server] Bump golang.org/x/crypto to v0.45.0 (#12296 by kevinpollet)
- [acme] Bump github.com/go-acme/lego/v4 to v4.29.0 (#12333 by ldez)
- [k8s/ingress-nginx] Fix SSL redirect to match NGINX behavior (#12361 by mmatur)
- [k8s/ingress-nginx] Fix the service name for ingress-nginx provider (#12352 by mmatur)
- [k8s/ingress-nginx] Fix nginx.ingress.kubernetes.io/proxy-ssl-verify annotation support (#12351 by rtribotte)
- [middleware,authentication] Change ForwardAuth error log level from DEBUG to ERROR (#12324 by murataslan1)
Documentation:
- [api] Fix typo in API dashboard configuration instructions (#12335 by NAICOLAS)
- [docker] Add documentation for loadbalancer.server.url in Docker and Swarm providers (#12289 by webash)
- [k8s/gatewayapi] Fix links of Helm chart values reference to providers.kubernetesGateway.enabled (#12315 by shouhei)
- [k8s/ingress-nginx] Fix default value of ingress-nginx provider in documentation (#12328 by mloiseleur)
- [k8s/ingress-nginx] NGINX Ingress Controller to Traefik Migration Guide (#12318 by sheddy-traefik)
- [k8s/ingress-nginx] Improve the configuration options display of the Kubernetes ingress-nginx provider (#12297 by mloiseleur)
- [k8s/ingress-nginx] Improve ingress-nginx provider documentation (#12288 by sheddy-traefik)
- [service] Fix loadbalancer doc for highest random weight (#12283 by ozon2)
- Correctly Format the HTTP Service Documentation (#12311 by sheddy-traefik)
- Add documentation about checkNewVersion (#12298 by darkweaver87)
Misc: