From 667e6ebd4e2442d39512e63215e79d693d0780aa Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 24 Jan 2024 16:19:43 +0100
Subject: [PATCH] NEWS: tag version 1.14

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 NEWS | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/NEWS b/NEWS
index 72706fc5e9..825bc3f454 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,15 @@
+* crun-1.14
+
+- build: drop dependency on libgcrypt.  Use blake3 to compute the cache
+  key.
+- cpuset: don't clobber parent cgroup value when writing the cpuset
+  value.
+- linux: force umask(0).  Iit ensures that the `mknodat` syscall is
+  not affected by the umask of the calling process, allowing file
+  permissions to be set as specified in the OCI configuration.
+- ebpf: do not require MEMLOCK for eBPF programs.  This requirement
+  was relaxed in Linux 5.11.
+
 * crun-1.13
 
 - src: use O_CLOEXEC for all open/openat calls