Comments (45)

troykelly avatar troykelly commented on July 2, 2024 17

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

Oh, Jesus. Ok takes deep breath.

I wasn't going to feed the troll, but you keep posting - and it needs to be addressed.

How much do you pay for Traefik @Majestic7979? I assume you are on a paid support plan given how entitled you feel, so it's probably best you raise that with the team directly - rather than in this issue.

If you aren't paying for Traefik, and you are using :latest or blindly updating the version / container without checking, then you have no right to be abusive of the team, maintainers and others working towards a resolution.

You didn't get thumbs down for speaking the truth, you got it for completely missing the mark - a sign I would have thought a reasonable person would see and understand.

Your comment suggesting that misunderstanding is linked to English skills is dismissive and prejudiced. It's important to communicate respectfully and avoid making assumptions about others' language abilities or cultural backgrounds. Let's strive to keep our dialogue inclusive and supportive.

The fact that people are providing you with a service that you clearly rely on, for (I'm assuming) free, and you have the gall to attack them because English might be their second language really highlights your character.

I hope that this was born out of frustration, and given time you may come to realise how inappropriate your contribution is and will apologise to all involved.

from traefik.

ldez avatar ldez commented on July 2, 2024 14

Please be comprehensive: We are humans and humans make mistakes.

We made a mistake with lingeringTimeout and we are trying to fix it as quickly as we can.

Then it's not semver compliant but this is exceptional because there are not a lot of possibilities to manage the situation, and we are sorry about that.

emilevauge avatar emilevauge commented on July 2, 2024 11

Hello,

Traefik v2.11.2 & 3.0.0-rc5 have just been released and published on Docker Hub v2.11.2 image & 3.0.0-rc5 image.
Those releases mitigate CVE-2024-28869 (GHSA-4vwx-54mw-vqfw).

Both versions revert the lingeringTimeout and introduce a default value of 60s for readTimeout.
⚠️ Be aware that you should adapt this value to your own use case. The general guideline is to set it right above the maximum needed by your applications.

The only use case which should be impacted is the large request payload (upload of a large file for example): this could require a higher timeout value. Otherwise, you shouldn't be impacted. If this behaviour impacts your production setup, please open an issue to inform the maintainers.

We did everything we could to address this vulnerability quickly & with a minimal impact. lingeringTimeout was an attempt to avoid being breaking as much as possible, but eventually this proved not to be the case.
There will be a follow up on this, we would like to provide a more flexible solution in the future (as an example, we could inspire from #10598 (comment)). Don't hesitate to open issue to propose your ideas.
Thank you all for your contributions, feedback & kindness ❤️

Majestic7979 avatar Majestic7979 commented on July 2, 2024 10

I am editing my response to remove the solution because I received several thumbs down for complaining. This is toxic harassment. I have blocked and reported all the members involved.

jeremyruffell avatar jeremyruffell commented on July 2, 2024 8

The following Additional Arguments resolved this issue for us with v2.11.1 & Helm Release v27.0.1.

additionalArguments:
  - '--entrypoints.web.transport.respondingTimeouts.tcp.lingeringTimeout=0'
  - '--entrypoints.websecure.transport.respondingTimeouts.tcp.lingeringTimeout=0'

Hopefully this helps someone 😊

xehpuk avatar xehpuk commented on July 2, 2024 6

v2.12.0 would be an option.

troykelly avatar troykelly commented on July 2, 2024 5

ℹ️ If one is using Traefik in front of a registry, the default ReadTimeout value of 60s may be too low. 👉 Pushing of a single layer for more than 60s results in a failure.

I've created an absolutely unofficial table here https://github.com/traefik/traefik/wiki/respondingTimeouts-for-applications

If you have input please update it with your findings. I've thrown what I've seen in there to start it up.

emilevauge avatar emilevauge commented on July 2, 2024 4

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

just to be sure, is it going to be merged also into v3.0 right?

Sure. We are prioritizing v2.11 for today, and v3.0 probably tomorrow.

Quick update: we will introduce a default value for readTimeout (which is the time needed by the server to read the request headers + body). We have chosen a permissive default value of 60s to avoid being breaking in most cases. The only use case which can be impacted is the large request payload (upload of a large file for example): this could require a higher timeout value. We also based our decision on other reverse proxies' behaviors.

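To make the mechanism behind the readTimeout discussion concrete, here is an added Go example; it is not Traefik code and not from anyone in this thread. It uses net/http's ReadTimeout, the server-side primitive that a "headers + body" read timeout of this kind is built on, and plays the role of the problematic client: complete headers with a Content-Length, then silence. With ReadTimeout=0 (the equivalent of readTimeout=0) the server keeps the connection and its handler goroutine alive for as long as the client likes; with a timeout it tears the connection down once the deadline passes. The loopback port, the /upload path, the 100-byte Content-Length and the 300ms/1s timings are assumptions chosen for the demo.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net"
	"net/http"
	"os"
	"time"
)

// startServer listens on a random loopback port with the given ReadTimeout
// (0 = no limit, mirroring readTimeout=0) and returns the address and a stop func.
func startServer(readTimeout time.Duration) (string, func(), error) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", nil, err
	}
	srv := &http.Server{
		ReadTimeout: readTimeout,
		Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			// Like a proxy forwarding the request, we have to consume the body;
			// with a stalled client this is where the goroutine sits.
			_, _ = io.Copy(io.Discard, r.Body)
			w.WriteHeader(http.StatusNoContent)
		}),
	}
	go func() { _ = srv.Serve(ln) }()
	return ln.Addr().String(), func() { _ = srv.Close() }, nil
}

// stalledRequestSurvives sends headers that announce a 100-byte body, never
// sends the body, waits `hold`, and reports whether the server is still keeping
// the connection (and the handler goroutine behind it) alive.
func stalledRequestSurvives(readTimeout, hold time.Duration) (bool, error) {
	addr, stop, err := startServer(readTimeout)
	if err != nil {
		return false, err
	}
	defer stop()

	conn, err := net.Dial("tcp", addr)
	if err != nil {
		return false, err
	}
	defer conn.Close()

	// Complete headers, no body: Content-Length promises bytes that never come.
	_, err = fmt.Fprintf(conn, "POST /upload HTTP/1.1\r\nHost: %s\r\nContent-Length: 100\r\n\r\n", addr)
	if err != nil {
		return false, err
	}

	time.Sleep(hold)

	// Probe: if the server tore the connection down we read EOF (possibly after
	// a response it wrote first); if it is still waiting for our body, our own
	// short deadline fires instead.
	_ = conn.SetReadDeadline(time.Now().Add(200 * time.Millisecond))
	buf := make([]byte, 512)
	for {
		_, err := conn.Read(buf)
		switch {
		case err == nil:
			continue
		case errors.Is(err, os.ErrDeadlineExceeded):
			return true, nil // still open: nothing bounds how long we may stall
		default:
			return false, nil // EOF or reset: the server gave up on us
		}
	}
}

func main() {
	for _, rt := range []time.Duration{0, 300 * time.Millisecond} {
		alive, err := stalledRequestSurvives(rt, time.Second)
		if err != nil {
			fmt.Println("error:", err)
			return
		}
		fmt.Printf("ReadTimeout=%v: stalled connection still open after 1s? %v\n", rt, alive)
	}
}
```

One client doing this is harmless; the resource cost is per stalled connection, which is why an unbounded read phase matters at the proxy and why readTimeout=0 gives that bound away. The trade-off the thread describes follows directly: the same deadline that drops this client also drops a legitimate upload that takes longer than the configured value.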
Kangie avatar Kangie commented on July 2, 2024 4

Minor versions in semver are not supposed to be breaking either. So the problem would be the same with v2.12.0.
When there is a vulnerability, and when there is no way to fix it without being breaking, the only way is to do a breaking bug fix.

If you're adhering to semver and don't increment the major version for a breaking change are you actually doing semver, or are you doing a 'traefiks-almost-semver-but-different' thing?

This isn't rhetorical. If you're not incrementing the major version for a breaking change you aren't following semver:

  1. Patch version Z (x.y.Z | x > 0) MUST be incremented if only backward compatible bug fixes are introduced. A bug fix is defined as an internal change that fixes incorrect behavior.

  2. Minor version Y (x.Y.z | x > 0) MUST be incremented if new, backward compatible functionality is introduced to the public API. It MUST be incremented if any public API functionality is marked as deprecated. It MAY be incremented if substantial new functionality or improvements are introduced within the private code. It MAY include patch level changes. Patch version MUST be reset to 0 when minor version is incremented.

  3. Major version X (X.y.z | X > 0) MUST be incremented if any backward incompatible changes are introduced to the public API. It MAY also include minor and patch level changes. Patch and minor versions MUST be reset to 0 when major version is incremented.

emilevauge avatar emilevauge commented on July 2, 2024 3

Minor versions in semver are not supposed to be breaking either. So the problem would be the same with v2.12.0.
When there is a vulnerability, and when there is no way to fix it without being breaking, the only way is to do a breaking bug fix.
We aren't happy about this situation, but that's the best we can do (again, we tried not to be breaking at all costs by introducing the lingering timeout, but in fact this was clearly breaking).

waffshappen avatar waffshappen commented on July 2, 2024 3

We also based our decision on other reverse proxies behaviors.

Will a feature like "MinRate" from apache be made available that, if timeout=0 cannot be safely used, allows for good clients that upload at a certain rate to keep doing so while avoiding SlowLoris-like attacks?

Imagine the usual File Synchronization use case, especially from less than optimal connections.

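The MinRate idea raised above, as an added Go example that is not a Traefik feature and not anyone's code from this thread: a net.Conn wrapper whose read deadline is extended by the bytes actually received, so a slow but steady upload keeps going while a client that stops sending is dropped after a bounded grace period. The ratePolicy struct, the 5000 B/s rate, the 300ms initial grace, the 2s cap on banked credit and the simulated uploads over net.Pipe are all assumptions for the demo; the fixed-deadline policy (minRate 0) stands in for a plain readTimeout so the two behaviours can be compared side by side.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net"
	"os"
	"sync"
	"time"
)

// ratePolicy is a mod_reqtimeout "MinRate"-style budget (assumed design, not a
// Traefik option): the client gets `initial` to deliver something, and every
// byte it delivers buys more time at `minRate` bytes per second. A client that
// keeps sending at or above minRate never times out; one that stalls does.
type ratePolicy struct {
	initial  time.Duration
	minRate  int           // bytes per second; <= 0 means a fixed deadline with no credit
	maxGrace time.Duration // deadline never sits more than this far in the future; <= 0 = no cap
}

// minRateConn enforces a ratePolicy on the read side of a net.Conn by moving
// the read deadline forward as data actually arrives.
type minRateConn struct {
	net.Conn
	policy   ratePolicy
	mu       sync.Mutex
	deadline time.Time
}

func newMinRateConn(c net.Conn, p ratePolicy) *minRateConn {
	m := &minRateConn{Conn: c, policy: p, deadline: time.Now().Add(p.initial)}
	_ = c.SetReadDeadline(m.deadline)
	return m
}

func (m *minRateConn) Read(b []byte) (int, error) {
	n, err := m.Conn.Read(b)
	if n > 0 && m.policy.minRate > 0 {
		m.mu.Lock()
		// n bytes at minRate bytes/s are worth n/minRate seconds of extra time.
		credit := time.Duration(n) * time.Second / time.Duration(m.policy.minRate)
		m.deadline = m.deadline.Add(credit)
		if limit := time.Now().Add(m.policy.maxGrace); m.policy.maxGrace > 0 && m.deadline.After(limit) {
			m.deadline = limit // a burst cannot bank unlimited time for a later stall
		}
		_ = m.Conn.SetReadDeadline(m.deadline)
		m.mu.Unlock()
	}
	return n, err
}

// drain reads until EOF or error, returning the byte count and whether the
// failure was the read deadline (i.e. the client fell below the policy).
func drain(c net.Conn) (received int, timedOut bool, err error) {
	buf := make([]byte, 4096)
	for {
		n, rerr := c.Read(buf)
		received += n
		switch {
		case rerr == nil:
			continue
		case errors.Is(rerr, io.EOF):
			return received, false, nil
		case errors.Is(rerr, os.ErrDeadlineExceeded):
			return received, true, rerr
		default:
			return received, false, rerr
		}
	}
}

// runUpload simulates a client that sends `chunks` chunks of `size` bytes, one
// every `every`, and stops sending (without closing) once it reaches chunk
// index `stallAt` (-1 for a client that never stalls). It returns what the
// policy-guarded server side received.
func runUpload(p ratePolicy, chunks, size int, every time.Duration, stallAt int) (int, bool, error) {
	client, server := net.Pipe()
	done := make(chan struct{})
	go func() {
		defer client.Close()
		chunk := make([]byte, size)
		for i := 0; i < chunks; i++ {
			if i == stallAt {
				<-done // stalled client: holds the connection open and sends nothing
				return
			}
			if _, err := client.Write(chunk); err != nil {
				return
			}
			time.Sleep(every)
		}
	}()
	received, timedOut, err := drain(newMinRateConn(server, p))
	close(done)
	_ = server.Close()
	return received, timedOut, err
}

func main() {
	minRate := ratePolicy{initial: 300 * time.Millisecond, minRate: 5000, maxGrace: 2 * time.Second}
	fixed := ratePolicy{initial: 300 * time.Millisecond} // what a plain read timeout does

	// A 10 KB/s upload that takes about a second: killed by the fixed deadline, fine under min-rate.
	n, to, _ := runUpload(fixed, 10, 1000, 100*time.Millisecond, -1)
	fmt.Printf("fixed 300ms deadline: received=%d timedOut=%v\n", n, to)
	n, to, _ = runUpload(minRate, 10, 1000, 100*time.Millisecond, -1)
	fmt.Printf("min-rate policy:      received=%d timedOut=%v\n", n, to)

	// A client that sends three chunks and then goes quiet: dropped once its credit runs out.
	n, to, _ = runUpload(minRate, 10, 1000, 100*time.Millisecond, 3)
	fmt.Printf("min-rate, stalled:    received=%d timedOut=%v\n", n, to)
}
```

The cap (maxGrace) is the part worth thinking about in a real deployment: without it, a client can burst a few megabytes, bank minutes of credit, and then stall, which recreates the resource-holding problem this thread is about in a slightly slower form.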
tomerh2001 avatar tomerh2001 commented on July 2, 2024 3

When would a stable version (without the CVE fix) be uploaded to dockerhub?

Also, any expectations on when a version that closes the CVE will be released?

What is the severity of this vulnerability?

ldez avatar ldez commented on July 2, 2024 3

The v2.11.2 and v3.0.0-rc5 have been created.

Now you have to wait for Docker to create the official images.

docker-library/official-images#16591

https://doi-janky.infosiftr.net/job/multiarch/view/images/view/traefik/


When would a stable version (without the CVE fix) be uploaded to dockerhub?

You can use v2.11.0 or v3.0.0-rc3

Also, any expectations on when a version that closes the CVE will be released?

v2.11.1 or v3.0.0-rc4 already fixed the CVE.

What is the severity of this vulnerability?

High

nicjansma avatar nicjansma commented on July 2, 2024 3

Yes unfortunately this is the second day in a row I've had to figure out what the heck is going on with my Traefik deployment breaking all of my selfhosting.

Yesterday, per suggestions from others, I had applied the transport.respondingTimeouts.tcp.lingeringTimeout: 0 workaround to my traefik.yml to avoid my websocket applications being broken.

With today's 2.11.2 release, Traefik now refuses to startup because those same configuration clauses are no longer valid:

2024/04/12 09:04:37 command traefik error: field not found, node: tcp

Thanks @Majestic7979 for providing the steps needed to fix.

troykelly avatar troykelly commented on July 2, 2024 2

All Working in rc-5

Version:      3.0.0-rc5
Codename:     beaufort
Go version:   go1.22.2
Built:        2024-04-11T16:27:55Z
OS/Arch:      linux/arm64
Version:      3.0.0-rc5
Codename:     beaufort
Go version:   go1.22.2
Built:        2024-04-11T16:27:55Z
OS/Arch:      linux/amd64
      - --entryPoints.http3.address=:443
      - --entrypoints.http3.http3.advertisedport=443
      # Create an entrypoint for postgres
      - --entrypoints.postgres.address=:5432
      # Create an entrypoint for redis
      - --entrypoints.redis.address=:6379
      # Create an entrypoint for mqtt
      - --entrypoints.mqtt.address=:8883
      # Timeouts
      - --entrypoints.http.transport.respondingTimeouts.readTimeout=300
      - --entrypoints.http3.transport.respondingTimeouts.readTimeout=300
      - --entrypoints.postgres.transport.respondingTimeouts.readTimeout=0
      - --entrypoints.redis.transport.respondingTimeouts.readTimeout=0
      - --entrypoints.mqtt.transport.respondingTimeouts.readTimeout=0

troykelly avatar troykelly commented on July 2, 2024 2

@emilevauge + team great work through the day to get this mitigated as quickly as possible.

I'm not sure that this only impacts large payloads, I'm seeing tools like Portainer not working properly because of timeouts disconnecting, setting as 0 resolves the issue - but as I understand it, then the Possible DoS vulnerability with Content-length header isn't mitigated - is that correct?

I understand completely that this is needed to mitigate the issue, but I think that there might be a fairly prolific impact on long-held interactions.

benscobie avatar benscobie commented on July 2, 2024 2

@emilevauge There's no way to set respondingTimeouts at a service and router level right? Like @troykelly mentioned Portainer and a few other services I run aren't going to like this. It would be great to override respondingTimeouts for specific paths as an example.

I think the solution that @waffshappen mentioned would cover off some of the remaining issues though so I look forward to that implementation. Not entirely sure what the solution looks like for websockets that are mostly in-active.

Kangie avatar Kangie commented on July 2, 2024 2

@ldez

Please be comprehensive: We are humans and humans make mistakes.

We made a mistake with lingeringTimeout and we are trying to fix it as quickly as we can.

Of course I understand that it was a mistake and you're doing your best to fix things. I'm a bit confused as to why you think that I was claiming otherwise. Bumping semver isn't a punishment, it's just a machine readable sort of changelog; numbers are free.

Then it's not semver compliant but this is exceptional because there are not a lot of possibilities to manage the situation, and we are sorry about that.

Maintaining semver is making a promise to your consumers that you will update the version in a particular way based on things like implementing a breaking change.

The current solution, introducing a default value for readTimeout, still seems to be acknowledged as a breaking change - Is that the case? If so, please consider making 2.11.2 into 3.0.0 and making the current 3.0.0-rc into a 4.0.0-rc; it's not too late to follow through on your commitment to sane versioning.

Regardless, thanks for the prompt response on this issue; CVEs are not fun and acting proactively to ensure that users receive a fix is admirable, it's just a shame that the issues we've seen weren't caught by some sort of automation.

Here's to many more years of not having to think about updates!

benz0li avatar benz0li commented on July 2, 2024 2

ℹ️ If one is using Traefik in front of a registry, the default ReadTimeout value of 60s may be too low.
👉 Pushing of a single layer for more than 60s results in a failure.

Majestic7979 avatar Majestic7979 commented on July 2, 2024 2

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

Oh, Jesus. Ok takes deep breath.

I wasn't going to feed the troll, but you keep posting - and it needs to be addressed.

How much do you pay for Traefik @Majestic7979? I assume you are on a paid support plan given how entitled you feel, so it's probably best you raise that with the team directly - rather than in this issue.

If you aren't paying for Traefik, and you are using :latest or blindly updating the version / container without checking, then you have no right to be abusive of the team, maintainers and others working towards a resolution.

You didn't get thumbs down for speaking the truth, you got it for completely missing the mark - a sign I would have thought a reasonable person would see and understand.

Your comment suggesting that misunderstanding is linked to English skills is dismissive and prejudiced. It's important to communicate respectfully and avoid making assumptions about others' language abilities or cultural backgrounds. Let's strive to keep our dialogue inclusive and supportive.

The fact that people are providing you with a service that you clearly rely on, for (I'm assuming) free, and you have the gall to attack them because English might be their second language really highlights your character.

I hope that this was born out of frustration, and given time you may come to realise how inappropriate your contribution is and will apologise to all involved.

I am not a troll, so I am not going to read whatever you said past your name-calling. You should learn to respect others by not calling them names if you want them to read what you've got to say. I'm also blocking you and reporting the harassment. Just because you think differently or have a different opinion does not turn your opponent in a debate into a troll, especially when I have contributed a fix to the issue; that was really disgusting of you. Enjoy your likes and hearts, looks like you have many fans, congratulations, I am proud to see people supporting bullying and harassment so openly, many of them are even German, looks like in Germany some people still have the mindset that it is acceptable to attack others. I am autistic by the way.

Anybody harassing me with either name calling or thumbs down with a clear view to cause me distress will be blocked and reported to GitHub. Bullying and harassment is against the site's guidelines. Please understand that having different opinions and complaining about issues is not a reason to bully and/or harass anyone online.

Update: GitHub concluded that there was bullying and harassment. I politely request anyone thinking of harassing me over my comment to think again and desist immediately from going forward with bullying and to leave me alone. I have the right to make a complaint about an application without being targeted with either bad comments or bad reactions. I will report all of the abuse and GitHub may even terminate accounts that are found to be abusive. Please respect the Terms of Service and do not use this platform to target members you disagree with.

xehpuk avatar xehpuk commented on July 2, 2024 1

So another breaking change (new default value for readTimeout) in a patch release?

arunoruto avatar arunoruto commented on July 2, 2024 1

An additional symptom is an inability to log in to services like GitLab, Nextcloud, Synology dashboard, etc. if hosted behind Traefik and they use LDAP for authentication.

rtribotte avatar rtribotte commented on July 2, 2024 1

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

just to be sure, is it going to be merged also into v3.0 right?

Sure, it will also be merged in v3.

ldez avatar ldez commented on July 2, 2024 1

Anything related to lingeringTimeout has been reverted in v2.11.2 and v3.0.0-rc5:

  • the deprecation of respondingTimeouts.xxx options has been removed
  • lingeringTimeout options have been removed
  • respondingTimeouts.http.xxx options have been removed
  • respondingTimeouts.tcp.xxx options have been removed

gabfv avatar gabfv commented on July 2, 2024 1

Does setting the readTimeout to 0 still protect you from the CVE?
Edit: I came here because Home Assistant was constantly refreshing and eventually found my way to this issue. But some issues on Home Assistant (like home-assistant/frontend/issues/20493) have a user setting it to 0, so hence why I asked for clarification.
On a side note, I updated to 2.11.2 a few minutes ago, and the pages on my Home Assistant instance no longer constantly refresh every few seconds, without me having to change the entrypoint configuration.

troykelly avatar troykelly commented on July 2, 2024 1

+1, if it's possible to manage to reintegrate semantic versioning, that would be great - especially helpful given there have been some rapid-fire changes with some breaking configuration expectations.

Understand that given how quickly things have had to move, that opportunity might not exist any more - it might be something that can be identified in a PIR so it can be built into the process next time?

ghhv avatar ghhv commented on July 2, 2024 1

good news - fixed for ASP.NET 8 Blazor and Dozzle - thanks

ghhv avatar ghhv commented on July 2, 2024 1

Ho hum.. it's hardly an attack or aggressive.. but a casual observation of your profile suggests you are doing this to get haters and you complain if you get them. Does not compute? Just be nice.

fire1ce avatar fire1ce commented on July 2, 2024

following

emilevauge avatar emilevauge commented on July 2, 2024

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

emilevauge avatar emilevauge commented on July 2, 2024

@xehpuk if you read my initial message:
⚠️ We haven't been able to find a fix for this vulnerability that is not breaking at some point. However, the new fix we are going to provide is simpler to understand and configure to fit your needs.
To fix the CVE, that's our only option.

ginkel avatar ginkel commented on July 2, 2024

To add a symptom: AFAICS cloning a Git repo via HTTPS that is hosted behind Traefik fails with 2.11.1 (but succeeds with 2.11.0, so I assume this is related):

$ git clone --depth 1 --branch 2.4.1 --config advice.detachedHead=false https://FQDN/oss/repo.git
Cloning into 'repo'...
remote: Enumerating objects: 11569, done.
remote: Counting objects: 100% (11569/11569), done.
remote: Compressing objects: 100% (6941/6941), done.
error: RPC failed; curl 56 GnuTLS recv error (-9): Error decoding the received TLS packet.
fatal: the remote end hung up unexpectedly
fatal: early EOF
fatal: index-pack failed

rotassoftware avatar rotassoftware commented on July 2, 2024

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

just to be sure, is it going to be merged also into v3.0 right?

kernal64 avatar kernal64 commented on July 2, 2024

v2.11.1 broke checkmk. It worked 'til v2.11.0

v2.11.0:

10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato.py HTTP/2.0" 200 28461 "-" "-" 30 "to-checkmk@docker" "http://172.22.0.11:5000" 45ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 485 "-" "-" 31 "to-checkmk@docker" "http://172.22.0.11:5000" 2334ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 94968 "-" "-" 32 "to-checkmk@docker" "http://172.22.0.11:5000" 3080ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 245 "-" "-" 36 "to-checkmk@docker" "http://172.22.0.11:5000" 5816ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 206 "-" "-" 34 "to-checkmk@docker" "http://172.22.0.11:5000" 8326ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 206 "-" "-" 33 "to-checkmk@docker" "http://172.22.0.11:5000" 8339ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 206 "-" "-" 35 "to-checkmk@docker" "http://172.22.0.11:5000" 8400ms
10.10.2.15 - - [11/Apr/2024:15:45:02 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 206 "-" "-" 37 "to-checkmk@docker" "http://172.22.0.11:5000" 15706ms

v2.11.1:

10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato.py HTTP/2.0" 200 28459 "-" "-" 33 "to-checkmk@docker" "http://172.22.0.11:5000" 46ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 38 "to-checkmk@docker" "http://172.22.0.11:5000" 2001ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 39 "to-checkmk@docker" "http://172.22.0.11:5000" 2001ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 40 "to-checkmk@docker" "http://172.22.0.11:5000" 2001ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 34 "to-checkmk@docker" "http://172.22.0.11:5000" 2015ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 35 "to-checkmk@docker" "http://172.22.0.11:5000" 2015ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 36 "to-checkmk@docker" "http://172.22.0.11:5000" 2015ms
time="2024-04-11T15:21:20Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:18 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 37 "to-checkmk@docker" "http://172.22.0.11:5000" 2002ms
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 200 72 "-" "-" 45 "to-checkmk@docker" "http://172.22.0.11:5000" 1754ms
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 47 "to-checkmk@docker" "http://172.22.0.11:5000" 2019ms
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 44 "to-checkmk@docker" "http://172.22.0.11:5000" 2019ms
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 41 "to-checkmk@docker" "http://172.22.0.11:5000" 2020ms
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 42 "to-checkmk@docker" "http://172.22.0.11:5000" 2019ms
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 46 "to-checkmk@docker" "http://172.22.0.11:5000" 2019ms
time="2024-04-11T15:21:22Z" level=debug msg="'499 Client Closed Request' caused by: context canceled"
10.10.2.15 - - [11/Apr/2024:15:21:20 +0000] "POST /daljte/check_mk/wato_ajax_diag_host.py?_ajaxid=0 HTTP/2.0" 499 21 "-" "-" 43 "to-checkmk@docker" "http://172.22.0.11:5000" 2019ms

troykelly avatar troykelly commented on July 2, 2024

Can I confirm, lingeringTimeout:

  • has been immediately deprecated in rc5?
  • will / will not throw an error if it appears in the config?
  • similar functionality is implemented in readTimeout which currently defaults to 60 seconds, and can be disabled by setting to 0 (zero)

The below throws errors:

Version:      3.0.0-rc4
Codename:     beaufort
Go version:   go1.22.2
Built:        2024-04-10T14:45:05Z
OS/Arch:      linux/arm64
      - --entrypoints.traefik.transport.respondingTimeouts.readTimeout=0
      - --entrypoints.http.transport.respondingTimeouts.readTimeout=300
      - --entrypoints.http3.transport.respondingTimeouts.readTimeout=300
      - --entrypoints.ping.transport.respondingTimeouts.readTimeout=0
traefik-1  | 2024-04-12T00:31:22Z ERR Command error error="command traefik error: entrypoint \"http3\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:23Z ERR Command error error="command traefik error: entrypoint \"http\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:24Z ERR Command error error="command traefik error: entrypoint \"ping\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:24Z ERR Command error error="command traefik error: entrypoint \"http\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:26Z ERR Command error error="command traefik error: entrypoint \"http\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:28Z ERR Command error error="command traefik error: entrypoint \"http\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"
traefik-1  | 2024-04-12T00:31:32Z ERR Command error error="command traefik error: entrypoint \"http\" has `readTimeout` option is defined multiple times (`respondingTimeouts.readTimeout` is deprecated)"

troykelly avatar troykelly commented on July 2, 2024

Does setting the readTimeout to 0 still protect you from the CVE?

And, if not, once it is disclosed - will it be something we can mitigate via other means - firewall, WAF, etc

gerum100 avatar gerum100 commented on July 2, 2024

I am new with traefik, so potentially there is something that I have missed, but can anybody explain to me how the behavior described in GHSA-4vwx-54mw-vqfw is a security problem for traefik?
From my understanding a connection with no content but a content length would simply be forwarded to the service behind traefik as any other connection, and if and only if that service does not terminate the connection, traefik does not terminate the connection. But if this is correct, then this is not a vulnerability, but perfectly valid proxy behavior, isn't it?

agilezebra avatar agilezebra commented on July 2, 2024

If these new facilities are to combat a CVE, why not release them but with the defaults set to the preexisting behaviour and provide an advisory of the vulnerability and let users opt in when they have tested their particular use cases?

Majestic7979 avatar Majestic7979 commented on July 2, 2024

Yes unfortunately this is the second day in a row I've had to figure out what the heck is going on with my Traefik deployment breaking all of my selfhosting.

Yesterday, per suggestions from others, I had applied the transport.respondingTimeouts.tcp.lingeringTimeout: 0 workaround to my traefik.yml to avoid my websocket applications being broken.

With today's 2.11.2 release, Traefik now refuses to startup because those same configuration clauses are no longer valid:

2024/04/12 09:04:37 command traefik error: field not found, node: tcp

Thanks @Majestic7979 for providing the steps needed to fix.

You're very welcome! I am glad it helped you :) I got thumbs down for speaking the truth lol... I guess it's just people who don't understand English 😂

ghhv avatar ghhv commented on July 2, 2024

Here is the PR that removes the lingeringTimeout and introduces a readTimeout instead: #10599

Oh, Jesus. Ok takes deep breath.

I wasn't going to feed the troll, but you keep posting - and it needs to be addressed.
How much do you pay for Traefik @Majestic7979? I assume you are on a paid support plan given how entitled you feel, so it's probably best you raise that with the team directly - rather than in this issue.
If you aren't paying for Traefik, and you are using :latest or blindly updating the version / container without checking, then you have no right to be abusive of the team, maintainers and others working towards a resolution.
You didn't get thumbs down for speaking the truth, you got it for completely missing the mark - a sign I would have thought a reasonable person would see and understand.
Your comment suggesting that misunderstanding is linked to English skills is dismissive and prejudiced. It's important to communicate respectfully and avoid making assumptions about others' language abilities or cultural backgrounds. Let's strive to keep our dialogue inclusive and supportive.
The fact that people are providing you with a service that you clearly rely on, for (I'm assuming) free, and you have the gall to attack them because English might be their second language really highlights your character.
I hope that this was born out of frustration, and given time you may come to realise how inappropriate your contribution is and will apologise to all involved.

I am not a troll, so I am not going to read whatever you said. You should learn to respect others by not calling them names if you want them to read what you've got to say. I'm also blocking you and reporting the harassment.

@Majestic7979 - Curious, what happened to you loving haters as per your "Assh*le Customer" badbitch profile? Someone points out your bad ways and you have to make a complaint.. Is that fair? Were you being respectful? No.. @troykelly 's comment is quite valid. Let me guess, I'm blocked.. Double standards mate. Now we live rent-free in your head..

Majestic7979 avatar Majestic7979 commented on July 2, 2024

Another example of mob mentality and bullying/harassment. This is public shaming with a view to make me change my personal profile. Unacceptable and a breach of the ToS. The finishing statement "we live rent free in your head" clearly shows the intention to cause me distress.
This is 100% not okay or acceptable in any way. I made a complaint about an APPLICATION and here is a group of people attacking a PERSON. That is just vile. Of course, reported for bullying and harassment, which it is. I politely request the guy who called me a troll to review that statement and the abuse that I am receiving as a result of it.

ghhv avatar ghhv commented on July 2, 2024

Mate.. You are the aggressor in other conversations as well.. e.g.

Maybe take a chill pill..

Majestic7979 avatar Majestic7979 commented on July 2, 2024

Desist from attacking me. You are only providing GitHub proof that you are targeting me. You don't know me and you don't know about my neurodiversity. My profile was worded like that because I got tired of people like you attacking me for not communicating in a way that neurotypical people expect, you don't understand my disability and saying that I am the aggressor when I mean no aggression whatsoever is a form of harassment. I sometimes get frustrated by people constantly attacking me as a person and of course that will influence how I come across. You need to take a deep look into your behavior online and understand that you're being harmful. I complained about an application not a developer. I make efforts to change so that the way I communicate is clearer, and what effort are you making to ensure you're not targeting someone with distressing comments? Comments I have made in the past are completely irrelevant, I am constantly striving to change despite the huge challenge of autism being in my way every second I'm alive. Leave me alone and do not harass me again.

Majestic7979 avatar Majestic7979 commented on July 2, 2024

Ho hum.. it's hardly an attack or aggressive.. but a casual observation of your profile suggests you are doing this to get haters and you complain if you get them. Does not compute? Just be nice.

Desist from harassing me. Your comments are targeting me, they are abusive and it's a breach of the ToS. My report of the "troll" comment has been reviewed and GitHub has found it was in breach of the ToS. I politely request that you completely desist from targeting me with immediate effect and stop responding, as you are causing me extreme distress.

mmatur avatar mmatur commented on July 2, 2024

Hi,

I'm locking this issue for now because it is not following the code of conduct.
