traefik (update request): CVEs + http3 not working with custom tlsoptions

[oakey-dev]

Environmental Info:
K3s Version:

k3s version v1.26.4+k3s1 (8d0255a)
go version go1.19.8

Node(s) CPU architecture, OS, and Version:

Linux 5.10.0-23-amd64 #1 SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux

Cluster Configuration:

3 servers
2 agents

Describe the bug:

HTTP/3 doesn't work if you have custom TLS settings
traefik/traefik#9063

Steps To Reproduce:

• Installed K3s:

Expected behavior:

http3 working even if custom TLS options are set

Actual behavior:

Traefik responds with

< HTTP/3 421
< content-type: text/plain; charset=utf-8
< x-content-type-options: nosniff
<
Misdirected Request

Additional context / logs:

Should be solved if updating to Traefik v2.9.7

Additionally some CVEs were fixed too:
v2.9.6
https://www.cve.org/CVERecord?id=CVE-2022-23469
https://www.cve.org/CVERecord?id=CVE-2022-46153
https://www.cve.org/CVERecord?id=CVE-2022-41717

v2.9.8
fix CVE-2022-41724

v2.9.10
CVE-2023-29013
Related to CVE-2023-24534

[brandond]

We've already updated to v2.9.10, see #7324

[oakey-dev]

with which k3s version will it be available then?

[brandond]

This months, which is currently in RC pending validation by QA.