diff --git a/_data/toc.yaml b/_data/toc.yaml
index e99506698614..f1ff5705ce0e 100644
--- a/_data/toc.yaml
+++ b/_data/toc.yaml
@@ -1517,6 +1517,8 @@ manuals:
     title: Deprecated features
   - sectiontitle: Release notes
     section:
+    - path: /engine/release-notes/
+      title: Engine 23.0
     - sectiontitle: Previous versions
       section:
       - path: /engine/release-notes/20.10/
diff --git a/engine/release-notes/index.md b/engine/release-notes/index.md
new file mode 100644
index 000000000000..c5bada6bc422
--- /dev/null
+++ b/engine/release-notes/index.md
@@ -0,0 +1,235 @@
+---
+title: Docker Engine release notes
+description: Learn about the new features, bug fixes, and breaking changes for Docker Engine
+keywords: docker, docker engine, ce, whats new, release notes
+toc_min: 1
+toc_max: 2
+skip_read_time: true
+redirect_from:
+  - /release-notes/docker-ce/
+  - /release-notes/docker-engine/
+---
+
+This page describes the latest changes, additions, known issues, and fixes for Docker Engine.
+
+For more information about:
+
+- Deprecated and removed features, see [Deprecated Engine Features](../deprecated.md).
+- Changes to the Engine API, see [Engine API version history](../api/version-history.md).
+
+## 23.0.0
+
+{% include release-date.html date="2023-02-01" %}
+
+For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
+
+- [docker/cli, 23.0.0 milestone](https://github.com/docker/cli/milestone/51?closed=1)
+- [moby/moby, 23.0.0 milestone](https://github.com/moby/moby/milestone/91?closed=1)
+
+### New
+
+- Set Buildx and BuildKit as the default builder on Linux. [moby/moby#43992](https://github.com/moby/moby/pull/43992)
+
+  [Legacy builder deprecation notice](../deprecated.md#legacy-builder-for-linux-images)
+
+  - Alias `docker build` to `docker buildx build`. [docker/cli#3314](https://github.com/docker/cli/pull/3314)
+  - The legacy builder can still be used by explicitly setting `DOCKER_BUILDKIT=0`.
+
+- Added support for pulling `zstd` compressed layers. [moby/moby#41759](https://github.com/moby/moby/pull/41759), [moby/moby#42862](https://github.com/moby/moby/pull/42862)
+- Added support for alternate OCI runtimes on Linux, compatible with the containerd runtime v2 API. [moby/moby#43887](https://github.com/moby/moby/pull/43887), [moby/moby#43993](https://github.com/moby/moby/pull/43993)
+- Added support for the containerd `runhcs` shim on Windows (off by default). [moby/moby#42089](https://github.com/moby/moby/pull/42089)
+- Added `dockerd --validate` to check the daemon JSON config and exit. [moby/moby#42393](https://github.com/moby/moby/pull/42393)
+- Added the ability to configure the daemon's HTTP proxy via flags or JSON config [moby/moby#42835](https://github.com/moby/moby/pull/42835)
+- Added support for RFC 3021 point-to-point networks (IPv4 /31s) and single hosts (IPv4 /32s). For networks with two or fewer addresses, IPAM won't reserve a network and broadcast address. [moby/moby#42626](https://github.com/moby/moby/pull/42626)
+- Added support for setting `ipvlan_flag` and using the `l3s` `ipvlan_mode` in the `ipvlan` network driver. [moby/moby#42542](https://github.com/moby/moby/pull/42542)
+- Added support for displaying the value of the `metacopy` option for the `overlay2` storage driver. [moby/moby#43557](https://github.com/moby/moby/pull/43557)
+- Added support for describing Windows devices using the syntax `IDType://ID`.[moby/moby#43368](https://github.com/moby/moby/pull/43368)
+- Added `RootlessKit`, `slirp4netns`, and `VPNKit` version reporting. [moby/moby#42330](https://github.com/moby/moby/pull/42330)
+- Added experimental support for SwarmKit cluster volumes (CSI). [moby/moby#41982](https://github.com/moby/moby/pull/41982)
+  - CLI: Added cluster volume (CSI) options to `docker volume`. [docker/cli#3606](https://github.com/docker/cli/pull/3606)
+  - CLI: Added cluster volume (CSI) support to `docker stack`. [docker/cli#3662](https://github.com/docker/cli/pull/3662)
+- Added support for SwarmKit jobs in `docker stack deploy`. [docker/cli#2907](https://github.com/docker/cli/pull/2907)
+- Added the `docker stack config` command to output the merged and interpolated config files as utilized by `stack deploy`. [docker/cli#3544](https://github.com/docker/cli/pull/3544)
+- Added a new `docker context show` command that prints the name of the current context. [docker/cli#3567](https://github.com/docker/cli/pull/3567)
+- Added the `--format=json` shorthand variant of {% raw %}`--format="{{ json . }}"`{% endraw %} to all commands supporting the `--format` flag. [docker/cli#2936](https://github.com/docker/cli/pull/2936)
+- Added a `--quiet` option to `docker create` and `docker run` commands to suppress output when pulling an image. [docker/cli#3377](https://github.com/docker/cli/pull/3377)
+- Added a `--force` option to `docker network rm` subcommand. Causes CLI to return a 0 exit code even if the network doesn't exist. Has no effect on the server-side procedure for removing a network. [docker/cli#3547](https://github.com/docker/cli/pull/3547)
+- Added a `--signal` option to `docker stop` and `docker restart`. [docker/cli#3614](https://github.com/docker/cli/pull/3614)
+- Added a `-v/--version` flag to `docker-proxy`. [moby/moby#44703](https://github.com/moby/moby/pull/44703)
+- Plugins are now discovered in well-known user-level paths when the daemon is running in rootless mode. [moby/moby#44778](https://github.com/moby/moby/pull/44778)
+- The daemon now handles common alternate JSON encodings in the JSON configuration file gracefully, and reports useful errors. [moby/moby#44777](https://github.com/moby/moby/pull/44777), [moby/moby#44832](https://github.com/moby/moby/pull/44832)
+  - UTF-8 with a byte order mark is accepted.
+  - UTF-16 with a byte order mark is accepted.
+  - Invalid UTF-8 is reported early and with a comprehensible error message.
+- Allow use of `STOPSIGNAL` via `docker commit`. [moby/moby#43369](https://github.com/moby/moby/pull/43369)
+- Added a new option to the `awslogs` log driver to allow skipping log stream creation in CloudWatch. [moby/moby#42132](https://github.com/moby/moby/pull/42132)
+- Added a new option to the `awslogs` log driver to specify the log format that's sent to CloudWatch. [moby/moby#42838](https://github.com/moby/moby/pull/42838)
+- Added a new option to the `fluentd` log driver to set the reconnection interval. [moby/moby#43100](https://github.com/moby/moby/pull/43100)
+- Added new options-setters to the Go API client: `WithTLSClientConfigFromEnv()`, `WithHostFromEnv()`, and `WithVersionFromEnv()`. [moby/moby#42224](https://github.com/moby/moby/pull/42224)
+- Added generation of shell command completion through a `docker completion` subcommand. [docker/cli#3429](https://github.com/docker/cli/pull/3429)
+- API: Added a `Swarm` header to `GET /_ping` and `HEAD /_ping`, allowing single-request detection of Swarm support. [moby/moby#42064](https://github.com/moby/moby/pull/42064)
+- API: Added a `signal` parameter to `POST /containers/{id}/stop` and `POST /containers/{id}/restart` to set the signal used. [moby/moby#43206](https://github.com/moby/moby/pull/43206)
+- API: Added a `CreateMountPoint` parameter to `POST /containers/create`. [moby/moby#43484](https://github.com/moby/moby/pull/43484)
+- API: Added a `shared-size` parameter to `GET /images/json` to enable shared-size computation of images. [moby/moby#42531](https://github.com/moby/moby/pull/42531)
+- API: Added a `type` parameter to `GET /system/df`, to control what object types to are considered when computing disk usage. [moby/moby#42559](https://github.com/moby/moby/pull/42559)
+- systemd: Start `docker.service` after `time-set.target`. [moby/moby#43107](https://github.com/moby/moby/pull/43107)
+
+### Removed
+
+- Removed support for reading configuration from `~/.dockercfg`. [docker/cli#2504](https://github.com/docker/cli/pull/2504)
+
+  This location has been deprecated since 1.7.0.
+
+  [Removal notice](../deprecated.md#support-for-legacy-dockercfg-configuration-files)
+
+- Removed the `-g` and `--graph` daemon options in favor of `--data-root`. [docker/cli#3739](https://github.com/docker/cli/pull/3739)
+
+  These options have been hidden and deprecated since 17.05.
+
+  [Removal notice](../deprecated.md#-g-and---graph-flags-on-dockerd)
+
+- Removed client-side sorting of results, in favor of the order in which the search API returns. [docker/cli#3470](https://github.com/docker/cli/pull/3470)
+- Removed warnings related to deprecated storage drivers from the CLI. Warnings are now handled by the daemon instead. [docker/cli#3542](https://github.com/docker/cli/pull/3542)
+- Removed `Experimental` client field from `docker version`. [docker/cli#3543](https://github.com/docker/cli/pull/3543)
+
+  [Removal notice](../deprecated.md#configuration-options-for-experimental-cli-features)
+
+- Require explicit opt-in to use deprecated storage drivers, and don't automatically select them when upgrading. [moby/moby#43378](https://github.com/moby/moby/pull/43378)
+
+  - [AuFS deprecation notice](../deprecated.md#disabled-by-default-in-v2300)
+  - [Legacy overlay deprecation notice](../deprecated.md#disabled-by-default-in-v2300)
+  - [Device mapper deprecation notice](../deprecated.md#disabled-by-default-in-v2300)
+
+- Removed deprecated support for `overlay` and `overlay2` storage drivers on backing filesystems without `d_type` support. [moby/moby#43472](https://github.com/moby/moby/pull/43472)
+
+  [Removal notice](../deprecated.md#backing-filesystem-without-d_type-support-for-overlayoverlay2)
+
+- Removed the deprecated `overrideKernelCheck` option from the `overlay2` storage driver. [moby/moby#44279](https://github.com/moby/moby/pull/44279)
+
+  [Removal notice](../deprecated.md#support-for-the-overlay2override_kernel_check-storage-option)
+
+- Removed support for the deprecated `io.containerd.runtime.v1.linux` OCI runtime. [moby/moby#43695](https://github.com/moby/moby/pull/43695)
+- Removed LCOW (Linux Containers on Windows). [moby/moby#42451](https://github.com/moby/moby/pull/42451), [moby/moby#42499](https://github.com/moby/moby/pull/42499), [moby/moby#42506](https://github.com/moby/moby/pull/42506), [moby/moby#42511](https://github.com/moby/moby/pull/42511), [moby/moby#42520](https://github.com/moby/moby/pull/42520), [moby/moby#42683](https://github.com/moby/moby/pull/42683), [moby/moby#42684](https://github.com/moby/moby/pull/42684), [moby/moby#42685](https://github.com/moby/moby/pull/42685), [moby/moby#43187](https://github.com/moby/moby/pull/43187)
+
+  LCOW was introduced as a technical preview in 17.09 and deprecated in 20.10.
+
+  [Removal notice](../deprecated.md#linux-containers-on-windows-lcow-experimental)
+
+- Removed daemon options related to legacy overlay networks used with standalone Swarm.
+
+  [Removal notice](../deprecated.md#classic-swarm-and-overlay-networks-using-cluster-store)
+
+  - Removed `--cluster-xx` options from `dockerd`. [moby/moby#40383](https://github.com/moby/moby/issues/40383)
+  - Removed `host-discovery` and overlay networks with external k/v stores. [moby/moby#42247](https://github.com/moby/moby/pull/42247)
+
+- Removed a deprecated `arm` platform fallback. `--platform linux/arm/vY` will now return a error when `arm/vY` isn't available instead of pulling the wrong image. [moby/moby#44414](https://github.com/moby/moby/pull/44414)
+- Removed the deprecated `SetCustomHTTPHeaders()`, `CustomHTTPHeaders()` options-setters from the Go client API. [moby/moby#42694](https://github.com/moby/moby/pull/42694)
+- Removed the deprecated `WithDialer()` option-setter from the Go client API. [moby/moby#44022](https://github.com/moby/moby/pull/44022)
+
+  Users should use `WithDialContext()` instead.
+
+- Removed the daemon implementation of `opts.QuotedString`. The implementation has moved to the CLI. [moby/moby#43250](https://github.com/moby/moby/pull/43250)
+- Removed separate daemon ID from trust-key in the daemon, and disable generating the trust-key. [moby/moby#43555](https://github.com/moby/moby/pull/43555)
+- API: Removed the deprecated `KernelMemory` option from `POST /containers/create` on API version >= 1.42. [moby/moby#43214](https://github.com/moby/moby/pull/43214)
+
+  [Removal notice](../deprecated.md#kernel-memory-limit)
+
+### Deprecated
+
+- Require Windows Server RS5 / LTSC 2019 (build 17763) as the minimum to run the daemon. [moby/moby#43254](https://github.com/moby/moby/pull/43254)
+- Deprecated `BuilderSize` in API versions >= 1.42 [moby/moby#42608](https://github.com/moby/moby/pull/42608)
+- Deprecated `BuildCache.Parent` in favor of the newly introduced `BuildCache.Parents` in API version >= 1.42. [moby/moby#43908](https://github.com/moby/moby/pull/43908)
+- Deprecated `pkg/urlutil`, moving the implementation to `builder/remotecontext/urlutil`. [moby/moby#43477](https://github.com/moby/moby/pull/43477)
+
+### Upgrades
+
+- Upgrade Go to `1.19.5`. [docker/cli#3958](https://github.com/docker/cli/pull/3958), [moby/moby#44794](https://github.com/moby/moby/pull/44794)
+- Upgrade `rootlesskit` to `v0.14.4`. [moby/moby#42708](https://github.com/moby/moby/pull/42708)
+- Upgrade `buildkit` to `v0.10.0`. [moby/moby#43239](https://github.com/moby/moby/pull/43239)
+- Upgrade `swarmkit` to `v2.0.0-20230119195359-904c221ac281`. [moby/moby#44858](https://github.com/moby/moby/pull/44858)
+- Upgrade `containerd` to `v1.6.15`. [moby/moby#44766](https://github.com/moby/moby/pull/44766), [moby/moby#44769](https://github.com/moby/moby/pull/44769)
+- Upgrade `runc` to `v1.1.4`. [moby/moby#44039](https://github.com/moby/moby/pull/44039)
+- Upgrade `hcsshim` `v0.9.6`. [moby/moby#44658](https://github.com/moby/moby/pull/44658)
+- The `btrfs` storage driver now depends on Linux kernel headers (>= 4.12) instead of headers from btrfs-progs. [moby/moby#44776](https://github.com/moby/moby/pull/44776)
+
+### Security
+
+- Change permissions on container `hostconfig.json` files to `0600` (was `0644`). [moby/moby#41620](https://github.com/moby/moby/pull/41620)
+- Fixed `--seccomp-profile` not accepting `unconfined` and renamed the default seccomp profile to `builtin`. [moby/moby#42481](https://github.com/moby/moby/pull/42481)
+- Always build with seccomp support, and remove the `seccomp` build tag. [moby/moby#42501](https://github.com/moby/moby/pull/42501)
+- Added seccomp support on `riscv64`. [moby/moby#43553](https://github.com/moby/moby/pull/43553)
+- Added support for setting flags passed to `seccomp(2)` in seccomp profiles. [moby/moby#42648](https://github.com/moby/moby/pull/42648)
+- Refactored seccomp types to reuse runtime-spec, and add support for `ErrnoRet`. [moby/moby#42005](https://github.com/moby/moby/pull/42005)
+- Added support for `DefaultErrnoRet` in `seccomp` profiles. [moby/moby#42604](https://github.com/moby/moby/pull/42604)
+- Added an explicit `DefaultErrnoRet` field to the default seccomp profile, with no behavior change. [moby/moby#42649](https://github.com/moby/moby/pull/42649)
+- Blocked `socket` with `AF_VSOCK` in the default seccomp profile. [moby/moby#44563](https://github.com/moby/moby/pull/44563)
+- Re-enabled `process_vm_readv` and `process_vm_writev` in the default seccomp profile. [moby/moby#42083](https://github.com/moby/moby/pull/42083)
+- Added syscalls related to PKU to the default seccomp profile. [moby/moby#43812](https://github.com/moby/moby/pull/43812)
+- Allowed `clock_settime64` with `CAP_SYS_TIME`. [moby/moby#43775](https://github.com/moby/moby/pull/43775)
+- Allowed `bpf` with `CAP_BPF` and `perf_event_open` with `CAP_PERFMON`. [moby/moby#43988](https://github.com/moby/moby/pull/43988)
+- Explicitly set the `clone3` syscall to return `ENOSYS` in the default seccomp profile, in order to ensure `glibc` will correctly fallback to using `clone`. [moby/moby#42681](https://github.com/moby/moby/pull/42681)
+
+### Bug fixes and enhancements
+
+- Promoted `overlay2` to be the default storage driver (`btrfs` and `zfs` are now opt-in). [moby/moby#42661](https://github.com/moby/moby/pull/42661)
+- Added a loading spinner to the `docker cp` command. [docker/cli#2708](https://github.com/docker/cli/pull/2708)
+- Deprecated the `ElectAuthServer` function, and made it return the default registry without calling the `GET /info` API endpoint. [docker/cli#2819](https://github.com/docker/cli/pull/2819)
+- Progress bars are no longer reversed when rolling back Swarm services [docker/cli#2940](https://github.com/docker/cli/pull/2940)
+- Use `net.JoinHostPort()` to fix formatting with IPv6 addresses [docker/cli#2972](https://github.com/docker/cli/pull/2972)
+- CLI error messages are now printed to `stderr`. [docker/cli#3044](https://github.com/docker/cli/pull/3044)
+- Improved performance of `docker info` if a custom `--format` is used that only uses local information. With this change, the CLI only uses the daemon API if it detects that information from the daemon is needed. [docker/cli#3179](https://github.com/docker/cli/pull/3179)
+- Removed the default value from the `--stop-signal` flag, as it may not reflect the actual default used by the daemon. [docker/cli#3245](https://github.com/docker/cli/pull/3245)
+- Added Compose schema `3.10` to `docker stack`; allow omitting the `version` field (resulting in `latest`). [docker/cli#3257](https://github.com/docker/cli/pull/3257)
+- Made Compose version `3` equivalent to `3.x` (latest) in `docker stack`. [docker/cli#3445](https://github.com/docker/cli/pull/3445)
+- Fixed `<Ctrl-c>` hanging on Windows to exit after running a container in non-interactive mode. [docker/cli#3302](https://github.com/docker/cli/pull/3302)
+- Added relative source paths to the `run` command in the `-v`/`--volume` and `-m`/`--mount` flags. [docker/cli#3469](https://github.com/docker/cli/pull/3469)
+- `docker exec -t` now sets the console size for the executed process immediately when it's created. [docker/cli#3627](https://github.com/docker/cli/pull/3627)
+- Updated the pretty-print format of `docker info` to provide more details on installed plugins. [docker/cli#3645](https://github.com/docker/cli/pull/3645)
+- Print warning messages for the `docker context list` and `docker context use` commands when the context is overridden by the environment. [docker/cli#3668](https://github.com/docker/cli/pull/3668)
+- Added a custom `aliases` annotation that can be used to print all available aliases for a command. [docker/cli#3694](https://github.com/docker/cli/pull/3694)
+- The CLI no longer creates or updates the CLI configuration file when running `docker context use` and selecting the current context. [docker/cli#3721](https://github.com/docker/cli/pull/3721)
+- Non-existing contexts are now ignored when running `docker context rm --force`. [docker/cli#3791](https://github.com/docker/cli/pull/3791)
+- Added the ability to override integers to `0` in Compose files [docker/cli#3812](https://github.com/docker/cli/pull/3812)
+- SIGINT (`<Ctrl-c>`) now passes through to running containers instead of causing the CLI to exit. [docker/cli#3849](https://github.com/docker/cli/pull/3849)
+- Improved `docker port CONTAINER` UX by sorting ports before printing. [docker/cli#3892](https://github.com/docker/cli/pull/3892)
+- API: `GET /containers/{id}/logs` and `POST /containers/{id}/attach` now report which raw-stream format is in use using the `Content-type` response header on API version >= 1.42. [moby/moby#39812](https://github.com/moby/moby/pull/39812)
+- Set default sandbox size for Windows layers to 127GB, and ensure that the `--storage-opts` flag applies to all storage on Windows. [moby/moby#41636](https://github.com/moby/moby/pull/41636)
+- Removed the plugin section from the containerd configuration file `(/var/run/docker/containerd/containerd.toml)`. [moby/moby#41675](https://github.com/moby/moby/pull/41675)
+- Reject `null` manifests during tar import. [moby/moby#41842](https://github.com/moby/moby/pull/41842)
+- Added shim config for custom runtimes for plugins. [moby/moby#41854](https://github.com/moby/moby/pull/41854)
+- Container health checks now resume when the daemon is restarted. [moby/moby#41935](https://github.com/moby/moby/pull/41935)
+- Quota is no longer disabled on cleanup of the `btrfs` driver. [moby/moby#42273](https://github.com/moby/moby/pull/42273)
+- Host devices that are accessible can now be mounted in `--privileged` rootless containers. [moby/moby#42638](https://github.com/moby/moby/pull/42638)
+- Fixed incorrect handling of `**/foo` recursive wildcard directory patterns in `.dockerignore`. [moby/moby#42676](https://github.com/moby/moby/pull/42676)
+- Extended `docker import --platform` to allow marking an imported image as a foreign architecture. [moby/moby#43103](https://github.com/moby/moby/pull/43103)
+- Validation of CPU real-time options is now performed when the daemon starts instead of performing validations for each individual container, allowing startup to fail early. [moby/moby#43131](https://github.com/moby/moby/pull/43131)
+- Freeze the `namesgenerator` package against new additions. Users will have to be satisfied with the existing 25359 adjective-name combinations. [moby/moby#43210](https://github.com/moby/moby/pull/43210)
+- API: `containers/{id}/attach/ws` only to streams according by `stdin`, `stdout` and `stderr` parameters on API version >= 1.42. [moby/moby#43322](https://github.com/moby/moby/pull/43322)
+- Fixed UDP traffic in containers not working after the container is restarted under sustained traffic. [moby/moby#43409](https://github.com/moby/moby/pull/43409)
+- Added support for pulling images with custom amd64 micro-architecture feature levels as supported by the latest versions of Go, GCC, LLVM, and other compiler tools. [moby/moby#43434](https://github.com/moby/moby/pull/43434)
+- Improved validation of invalid JSON requests in the API. [moby/moby#43463](https://github.com/moby/moby/pull/43463)
+- Mitigated the impact of slow `exec` starts on health checks. Check timeout now only applies to the duration that the health check command is running. The time it takes to start the command no longer counts against the timeout. [moby/moby#43480](https://github.com/moby/moby/pull/43480)
+- Console `tty` size is set immediately on creation. [moby/moby#43593](https://github.com/moby/moby/pull/43593), [moby/moby#43622](https://github.com/moby/moby/pull/43622)
+- Fixed `overlay2` mounts not being cleaned up after failed container starts, or daemon shutdown. [moby/moby#43659](https://github.com/moby/moby/pull/43659)
+- Match manifest list resolution with `containerd`. [moby/moby#43675](https://github.com/moby/moby/pull/43675)
+- Skip use of `firewalld` for networking when the daemon is running in rootless mode. [moby/moby#43813](https://github.com/moby/moby/pull/43813)
+- Custom NAT networks are now re-created after daemon restart if missing on Windows. [moby/moby#43858](https://github.com/moby/moby/pull/43858)
+- Fixed terminating the container health-check process when it times out. [moby/moby#43994](https://github.com/moby/moby/pull/43994)
+- Fixed `live-restore` with restart policies and volume refs. [moby/moby#44237](https://github.com/moby/moby/pull/44237)
+- API: Only anonymous volumes now pruned by default on API version >= v1.42. Pass the filter `all=true` to prune named volumes in addition to anonymous. [moby/moby#44259](https://github.com/moby/moby/pull/44259)
+- API: Support concurrent calls on the `GET /system/df` endpoint. [moby/moby#42715](https://github.com/moby/moby/pull/42715)
+- The daemon more reliably dumps the stack and exits with code 2 when sent a SIGQUIT. [moby/moby#44831](https://github.com/moby/moby/pull/44831)
+- Fixed a rare deadlock in the daemon caused by buffering of container logs. [moby/moby#44856](https://github.com/moby/moby/pull/44856)
+- Improved error handling in misc filesystem operations so that the daemon can start on a overlayfs backing filesystem. [moby/moby#44834](https://github.com/moby/moby/pull/44834)
+- Fixed an issue where `--ipc=host` wasn't handled correctly when the daemon is running in rootless mode. [moby/moby#44863](https://github.com/moby/moby/pull/44863)
+- Fixed a long-standing set of issues where stale conntrack entries caused incorrect routing of UDP traffic for containers. [moby/moby#44752](https://github.com/moby/moby/pull/44752)
+- Fixed half-registered containers being listed in the API, as well as a nil pointer de-reference and panic caused by using a partially registered container in API calls. [moby/moby#44633](https://github.com/moby/moby/pull/44633)
+- Fixed a failure to create the `DOCKER-USER` ip6tables chain. [moby/moby#44845](https://github.com/moby/moby/pull/44845)
+- Fixed a failure to clean up iptables rules when the `ip6tables` command isn't available. [moby/moby#44727](https://github.com/moby/moby/pull/44727)
+- Fixed an issue where some iptables NAT rules weren't cleaned up after enabling the userland proxy. [moby/moby#44811](https://github.com/moby/moby/pull/44811)
+- Fixed a potentially leaked process in rare situations where cleaning up a failed attempt to start a container was mishandled. [moby/moby#44400](https://github.com/moby/moby/pull/44400)
+- Fixed the `CreatedAt` time of a volume reflecting initialization and not creation. [moby/moby#44725](https://github.com/moby/moby/pull/44725)
+- Fixed an issue where the CLI incorrectly reported an incompatible server instead of an unreachable server in some commands. [docker/cli#3901](https://github.com/docker/cli/pull/3901), [docker/cli#3904](https://github.com/docker/cli/pull/3904)
+- Fixed broken completion of volumes in Zsh. [docker/cli#2998](https://github.com/docker/cli/pull/2998)
+- Improved output of `docker context` when an invalid context is present. [docker/cli#3847](https://github.com/docker/cli/pull/3847)
+- Removed ANSI decoration of CLI help annotations when the output isn't a TTY, and added a newline for readability. [docker/cli#3973](https://github.com/docker/cli/pull/3973)