diff --git a/crun-1.19.1.tar.gz b/crun-1.19.1.tar.gz
deleted file mode 100644
index bfa7581..0000000
--- a/crun-1.19.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:32a9f283066640141a0f4401ac7ec7b5dd076b9632ab7e2eb53ff2c4e77bc8c1
-size 1786019
diff --git a/crun-1.19.1.tar.gz.asc b/crun-1.19.1.tar.gz.asc
deleted file mode 100644
index 5f9ccf0..0000000
--- a/crun-1.19.1.tar.gz.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCAAdFiEEr2D8o82qberRV+o6Z+OPeouiF3IFAmdh49UACgkQZ+OPeoui
-F3JaKAf8Cj1pfuua4Xy+K3LRG/6kANrkI4N6WoHgu1iOqFka5bEMDP/TTVx2NLAm
-vAd2wHEArtYpSyHi4FMYrqNmKu2t7/ng+FRKOQyCj7gBvc9hjxUysdDVunb1btZV
-C6zUIe3B3ZxlMhZPfNBGGYBWLKZzY9QT8Jf0Z+7c7qgx3YpMfZAmExkM8IdGi6Ft
-/HsrdSTjY0wUQT4L++e6eU2T/rk8k6TawMk6XI+AxDtIuUNCTYW9EhfN4C5R55VP
-CPrfv0xHUDJSEVPDATVLDPEC+X9zSmWiJqwztR/Tu+qT5T0hVd+SjZPe7NuAZpKf
-H4i0oYnHeg1pCldG3q4audpkUH9DHA==
-=V2ke
------END PGP SIGNATURE-----
diff --git a/crun-1.20.tar.gz b/crun-1.20.tar.gz
new file mode 100644
index 0000000..4fd8403
--- /dev/null
+++ b/crun-1.20.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3746ac699d457070de6b460f35f5d9fea5fbdb9e826d4b9d1ca694a58f0ca465
+size 1787750
diff --git a/crun-1.20.tar.gz.asc b/crun-1.20.tar.gz.asc
new file mode 100644
index 0000000..76d879e
--- /dev/null
+++ b/crun-1.20.tar.gz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEr2D8o82qberRV+o6Z+OPeouiF3IFAmejIpEACgkQZ+OPeoui
+F3LvoAf/a/ueQQokPZiRHKJqfl7SbA5ZTPn6IfkIz/9T/G3kiBPwVyBFLCMZphVE
+CanHoSukNRe/sLjFAWVjm42qNGpibsYMXr8GYqICYN9kE4YJZfgaKA7fDv/lo2lK
+50GxskuoqSMSONhW21CgwE712AU+mInFhG7KjFGbvdWZEPcDHcTRos8v3eyP9fOA
+1sUJdYsXTqvNPIMmOIsH8eRluLiiRLINlaimsB8kHOCgF/YGAGufiXjkPzzQNbfr
+/qxZyloKQ4h2isUdxj37GLlY6FFKbOIML0WCX9Tk1t3SbdIzlsiLo9aeuD3Z1qtf
+9zGiRvnzTc5+k85VfAeLB2/ItTx7+g==
+=0eeb
+-----END PGP SIGNATURE-----
diff --git a/crun.changes b/crun.changes
index 602611b..e18f783 100644
--- a/crun.changes
+++ b/crun.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue Feb 11 08:59:46 UTC 2025 - Madhankumar Chellamuthu <madhankumar.chellamuthu@suse.com>
+
+- Update to 1.20
+  * krun: fix CVE-2025-24965. The .krun_config.json file could be created outside of the container rootfs.
+  * cgroup: reverted the removal of tun/tap from the default allow list, this was done in crun-1.5. The tun/tap device is now added by default again.
+  * CRIU: do not set network_lock unless explicitly specified.
+  * status: disallow container names containing slashes in their name.
+  * linux: Improved error message when failing to set the net.ipv4.ping_group_range sysctl.
+  * scheduler: Ignore ENOSYS errors when resetting the CPU affinity mask.
+  * linux: return a better error message when pidfd_open fails with EINVAL.
+  * cgroup: display the absolute path to cgroup.controllers when a controller is unavailable.
+  * exec: always call setsid. Now processes created through exec get the correct process group id.
+
 -------------------------------------------------------------------
 Tue Jan  7 09:05:57 UTC 2025 - Madhankumar Chellamuthu <madhankumar.chellamuthu@suse.com>
 
diff --git a/crun.spec b/crun.spec
index 6269e66..dc5d919 100644
--- a/crun.spec
+++ b/crun.spec
@@ -27,7 +27,7 @@
 %endif
 
 Name:           crun
-Version:        1.19.1
+Version:        1.20
 Release:        0
 Summary:        OCI runtime written in C
 License:        GPL-2.0-or-later