diff --git a/releases/v1.3.0-beta.toml b/releases/v1.3.0-beta.toml
index cc3db8e27..9066ec168 100644
--- a/releases/v1.3.0-beta.toml
+++ b/releases/v1.3.0-beta.toml
@@ -46,6 +46,7 @@ implemented in the client libraries without requiring daemon upgrade.
 * **Add payload parameter to apply in diff service API**
 
 ### CRI
+This version of containerd is validated against v1.15, but it is also compatible with Kubernetes v1.12+. (See [more details](https://github.com/containerd/cri#support-metrics) about support metrics)
 
 #### Features
 * **Supported per-pod containerd shim.** The `io.containerd.runc.v2` runtime is fully validated and ready to be used in production. This helps minimizing per-pod resource overhead. Note that `io.containerd.runtime.v1.linux` is still the default runtime. (https://github.com/containerd/cri/issues/1075)
@@ -61,19 +62,26 @@ implemented in the client libraries without requiring daemon upgrade.
 * **Added `stream_idle_time` option.** This makes idle connection timeout of the streaming server configurable. (https://github.com/containerd/cri/issues/1057)
 * **Added [traffic shaping pod annotations](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/#support-traffic-shaping) support.** *NOTE: traffic shaping is still an experimental feature in Kubernetes.* (https://github.com/containerd/cri/issues/1150)
 * **Added `max_conf_num` option to `plugins.cri.cni`**. This makes it possible to setup multiple CNI networks in a pod. *NOTE: multi-network is not an officially supported feature in Kubernetes.*(https://github.com/containerd/cri/issues/1154)
-* **Added `plugins.cri.registry.tls_configs` option to support TLS connections to registries.** (https://github.com/containerd/cri/issues/1143)
+* **Added `plugins.cri.registry.configs` option to support TLS and auth configs of registries.** (https://github.com/containerd/cri/issues/1143) *NOTE: Non-mutual TLS is also supported. (https://github.com/containerd/containerd/issues/3521)* (see [registry.md](https://github.com/containerd/cri/blob/f1d492b0cdd14e76476ee4dd024696ce3634e501/docs/registry.md) for more details)
 * **Added tcp endpoint for CRI service.** The tcp service can be disabled with the `disable_tcp_service` option, and it is disabled by default. (https://github.com/containerd/cri/issues/1181)
 * **Added `max_concurrent_downloads` option to restrict the number of concurrent downloads for each image.** The default concurrency is `3`. (https://github.com/containerd/cri/pull/1211)
+* **Added `privileged_without_host_devices` runtime option to disable host devices for privileged pods for the runtime.** This is especially useful for runtimes like kata. (https://github.com/containerd/cri/issues/1213)
 
 #### Enhancements
-* Avoid `Status` lockup when CNI network setup/teardown is slow. (https://github.com/containerd/cri/issues/1078)
+* Avoided `Status` lockup when CNI network setup/teardown is slow. (https://github.com/containerd/cri/issues/1078)
 * Added CNI config in `Status` (`crictl info`) output. (https://github.com/containerd/cri/pull/1158)
+* Supported URL path in `plugins.cri.registry.mirrors`, e.g. `https://my.custom.registry/anypath`. (https://github.com/containerd/cri/pull/1227)
+* Added wildcard `*` support in `plugins.cri.registry.mirrors`. (https://github.com/containerd/cri/issues/1196)
+* Removed an unnecessary round-trip to the image registry when pulling image. (https://github.com/containerd/cri/issues/1229)
+* Updated cni library to v0.7.1 which has better context cancellation support. (https://github.com/containerd/cri/issues/1236)
+* Updated cni plugins to v0.7.6 to fix a race condition in the `bridge` plugin. (https://github.com/containerd/containerd/issues/3507)
 
 #### Deprecation
 * `ctr cri load` command is deprecated, use `ctr -n=k8s.io images import` instead.(https://github.com/containerd/cri/issues/909)
 * The `plugins.cri.containerd.default_runtime` option is deprecated, use `plugins."io.containerd.grpc.v1.cri".containerd.default_runtime_name` instead. (https://github.com/containerd/cri/issues/1076)
 * Runtime options including `systemd_cgroups`, `runtime_engine` and `runtime_root` are deprecated, use runtime `options` instead. (https://github.com/containerd/cri/pull/1217)
 * `runtimeHandler` field is moved from the sandbox `info` into `status`. (https://github.com/containerd/cri/pull/1063)
+* `plugins.cri.registry.auths` is deprecated, use `plugins.cri.registry.configs` instead. (https://github.com/containerd/cri/pull/1227)
 
 ### Other
 * **Support additional garbage collection labels.** Allows more advanced resource management use cases on the client