Sourced fromgithub.com/docker/docker's releases.

28.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.3.0 milestone
• moby/moby, 28.3.0 milestone
• Deprecated and removed features, seeDeprecated Features.
• Changes to the Engine API, seeAPI version history.

New

• Add support for AMD GPUs indocker run --gpus.moby/moby#49952
• UseDOCKER_AUTH_CONFIG as a credential store.docker/cli#6008

Bug fixes and enhancements

• Ensure that the state of the container in the daemon database (used by/containers/json API) is up to date when the container is stopped using the/containers/{id}/stop API (before response of API).moby/moby#50136
• Fixdocker image inspect inspect omitting empty fields.moby/moby#50135
• Fixdocker images --tree not marking images as in-use when the containerd image store is disabled.docker/cli#6140
• Fixdocker pull/push hang in non-interactive when authentication is required caused by prompting for login credentials.docker/cli#6141
• Fix a potential resource leak when a node leaves a Swarm.moby/moby#50115
• Fix a regression where a login prompt ondocker pull would show Docker Hub-specific hints when logging in on other registries.docker/cli#6135
• Fix an issue where all new tasks in the Swarm could get stuck in the PENDING state forever after scaling up a service with placement preferences.moby/moby#50211
• Remove an undocumented, hidden, top-leveldocker remove command that was accidentally introduced in Docker 23.0.docker/cli#6144
• Validate registry-mirrors configuration as part ofdockerd --validate and improve error messages for invalid mirrors.moby/moby#50240
• dockerd-rootless-setuptool.sh: Fix the script from silently returning with no error message when subuid/subgid system requirements are not satisfied.moby/moby#50059
• containerd image store: Fixdocker push not creating a tag on the remote repository.moby/moby#50199
• containerd image store: Improve handling of errors returned by the token server duringdocker pull/push.moby/moby#50176

Packaging updates

• Allow customizing containerd service name for OpenRC.moby/moby#50156
• Update BuildKit tov0.23.1.moby/moby#50243
• Update Buildx tov0.25.0.docker/docker-ce-packaging#1217
• Update Compose tov2.37.2.docker/docker-ce-packaging#1219
• Update Docker Model CLI plugin tov0.1.30.docker/docker-ce-packaging#1218
• Update Go runtime to1.24.4.docker/docker-ce-packaging#1213,moby/moby#50153,docker/cli#6124

Networking

• Revert Swarm related changes added in 28.2.x builds, due to a regression reported inmoby/moby#50129.moby/moby#50169
  • Revert: Fix an issue wheredocker network inspect --verbose could sometimes crash the daemon (moby/moby#49937).
  • Revert: Fix an issue where the load-balancer IP address for an overlay network would not be released in certain cases if the Swarm was lacking an ingress network (moby/moby#49948).
  • Revert: Improve the reliability of NetworkDB in busy clusters and lossy networks (moby/moby#49932).
  • Revert: Improvements to the reliability and convergence speed of NetworkDB (moby/moby#49939).
• Fix an issue that could cause container startup to fail, or lead to failed UDP port mappings, when some container ports are mapped to0.0.0.0 and others are mapped to specific host addresses.moby/moby#50054
• Thenetwork inspect response for an overlay network now reports thatEnableIPv4 is true.moby/moby#50147
• Windows: Improve daemon startup time in cases where the host has networks of type"Mirrored".moby/moby#50155
• Windows: Make suredocker system prune anddocker network prune only remove networks created by Docker.moby/moby#50154

... (truncated)

• 265f709 Merge pull request#50247 from vvoland/50245-28.x
• b2a9318 docs: cut api docs for v1.51
• b3e2e22 Merge pull request#50244 from vvoland/50177-28.x
• c571cd8 Merge pull request#50243 from vvoland/50238-28.x
• 8c713c1 gha: lower timeouts on "build" and "merge" steps
• 539c115 Merge pull request#50240 from thaJeztah/28.x_backport_validate_mirrors
• 8e7ea47 vendor: update buildkit to v0.23.1
• 222baf4 vendor: github.com/moby/buildkit v0.23.0
• 1627e82 Merge pull request#50241 from thaJeztah/28.x_backport_update_cgroups
• 4070ebd Merge pull request#50242 from thaJeztah/28.x_backport_fix_event_ordering
• Additional commits viewable incompare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)