From 0d42f1109fd73548f44b01b3e84d04a279e99d2e Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Tue, 1 Jun 2021 10:39:45 +0200
Subject: [PATCH] NEWS: tag 0.20

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 NEWS | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/NEWS b/NEWS
index f90c892bf..d5a5a9368 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,21 @@
+* crun-0.20
+
+- container: call prestart hooks before rootfs is RO.
+- cgroup: added support cleaning custom controllers on cgroupv1.
+- spec: add support for --bundle.
+- exec: add --no-new-privs.
+- exec: add --process-label and --apparmor to change SELinux and
+  AppArmor labels.
+- cgroup: kill procs in cgroup on EBUSY.
+- cgroup: ignore devices errors when running in a user namespace.
+- seccomp: drop SECCOMP_FILTER_FLAG_LOG by default.
+- seccomp: report correct action in error message.
+- apply SELinux label to keyring.
+- add custom annotation run.oci.delegate-cgroup.
+- close_range fallbacks to close on EPERM.
+- report error if the cgroup path was set and the cgroup could not be
+  joined.
+
 * crun-0.19.1
 
 - on exec, honor additional_gids from the process spec, not the