diff --git a/.gitignore b/.gitignore
index d2b88d7..a0b72fa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@
 /cjdns-v20.4.tar.gz
 /python-cjdns-0.1.tar.gz
 /cjdns-v20.5.tar.gz
+/cjdns-v20.6.tar.gz
diff --git a/cjdns.README_Fedora.md b/cjdns.README_Fedora.md
index 7f8430b..397f10c 100644
--- a/cjdns.README_Fedora.md
+++ b/cjdns.README_Fedora.md
@@ -45,10 +45,11 @@ cannot [insert standard cryptography disclaimer] be spoofed.  Most mesh VPNs
 decrypt packets before routing to a new node.  This means that if a relay node
 is compromised in a conventional VPN, it can see and even alter packets.  All
 cjdns packets are end to end encrypted - relay nodes are untrusted.  Cjdns is
-source routed, there is no centralized routing.  If a node is "blackholing"
-your packets for some reason - simply doesn't route through that node anymore.
-(But see Security below.)  The usual security problems with source routing
-don't apply because cjdns IPs can't be (easily) spoofed.
+source routed, there is no centralized routing (an option for chosen route
+servers is slated for future implementation).  If a node is "blackholing"
+your packets for some reason - cjdns simply doesn't route through that node
+anymore.  (But see Security below.)  The usual security problems with source
+routing don't apply because cjdns IPs can't be (easily) spoofed.
 
 ## Startup
 
@@ -80,9 +81,6 @@ can speed this up dramatically with:
 
 The resume service restarts cjdns when the system wakes up from sleep.
 
-For rhel6, use ```start cjdns``` instead of systemctl - ditto for restart
-and stop.
-
 ## Security
 
 By default, Fedora Workstation will treat the tun device created by cjdroute as
@@ -103,7 +101,8 @@ are more cumbersome.
 The Distributed Hash Table algorithm is a core component of cjdns - which is
 vulnerable to a Denial of Service attack known as "Sybil".  This attack can
 block specific updates to the DHT - to prevent your node from joining a mesh,
-for instance.
+for instance.  The Sybil attack is less effective because Cjdns uses
+chosen peers.  Simply cut off abusive peers.
 
 On the positive side, you can safely use telnet to cjdns IPs and the http
 protocol is automatically encrypted (but you need a secure DNS or raw ip to be
@@ -150,7 +149,7 @@ http_access allow adultpcs
 
 You may install a network service that depends on cjdns, for instance you might
 install thttpd to serve up
-[nodeinfo.json](https://docs.meshwith.me/en/cjdns/nodeinfo.json.html).  If
+[nodeinfo.json](https://github.com/hyperboria/docs/blob/master/cjdns/nodeinfo-json.md).  If
 thttpd is configured to listen only on your cjdns IP, then it will not start
 until cjdns is up and running.  Add ```After=cjdns-wait-online.service``` to
 ```thttpd.service``` to hold off starting the service until cjdns has the
diff --git a/cjdns.fuzz.patch b/cjdns.fuzz.patch
index 878f7c6..33b4ada 100644
--- a/cjdns.fuzz.patch
+++ b/cjdns.fuzz.patch
@@ -7,7 +7,7 @@ diff -up ./test/Main_fuzz_test.c.fuzz ./test/Main_fuzz_test.c
      uint64_t now = Time_currentTimeMilliseconds(ctx->base);
 -    if ((now - ctx->startTime) > 5000) {
 -        Assert_failure("Failed to link in 5 seconds");
-+    if ((now - ctx->startTime) > 100000) {
++    if ((now - ctx->startTime) > 200000) {
 +        Assert_failure("Failed to link in 100 seconds");
      }
  }
diff --git a/cjdns.spec b/cjdns.spec
index a16b7e7..e949b2f 100644
--- a/cjdns.spec
+++ b/cjdns.spec
@@ -83,7 +83,7 @@
 
 Name:           cjdns
 # major version is cjdns protocol version:
-Version:        20.5
+Version:        20.6
 Release:        1%{?dist}
 Summary:        The privacy-friendly network without borders
 # cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
@@ -345,14 +345,14 @@ rm -rf node_build/dependencies/libuv
 %else
 rm -rf node_build/dependencies/libuv/build/gyp # use system gyp
 %ifarch s390x
-sed -i -e '/optimizeLevel:/ s/-O0/-O1/' node_build/make.js
+sed -i -e '/optimizeLevel:/ s/-O0/-O3/' node_build/make.js
 %else
-sed -i -e '/optimizeLevel:/ s/-O0/-O2/' node_build/make.js
+sed -i -e '/optimizeLevel:/ s/-O0/-O3/' node_build/make.js
 %endif
 %endif
 %patch19 -p1 -b .fuzz
 #patch20 -p1 -b .sysctl
-%patch22 -b .gcc10
+#patch22 -b .gcc10
 
 cp %{SOURCE1} README_Fedora.md
 
@@ -770,6 +770,16 @@ fi
 %{_bindir}/graphStats
 
 %changelog
+* Mon Mar 16 2020 Stuart Gathman <stuart@gathman.org> - 20.6-1
+- New upstream release
+
+* Mon Mar 16 2020 Stuart Gathman <stuart@gathman.org> - 20.5-3
+- Rebuilt for Fedora 33
+- Minor doc updates
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
 * Wed Jan 22 2020 Stuart Gathman <stuart@gathman.org> - 20.5-1
 - New upstream release
 
diff --git a/sources b/sources
index 57c705f..a1f0a31 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,4 @@
 SHA512 (cjdns-v20.4.tar.gz) = 5a6bd36b2edd07fa883efa4b14dd8a7ba0189bf43404e27ab6ae3b0c2f1e63ce738c52b34416f51f93c9752f6654ea95eac2c71897d2a1e19f4a6d1ca3bad46d
 SHA512 (python-cjdns-0.1.tar.gz) = f3b7c9afe6bc2f8b0b872cc7fbe9e997657ecf1cbb1f7e8e417099f1265541af919e965be2508a8613f3a2223020ac077473fe48c78f9553dda1a927364bb256
 SHA512 (cjdns-v20.5.tar.gz) = 36ae20182b9e9601ae64630cb0fa96caccbe5279be48520ea8b457a15437da5c9b48a5ae5588bd76ef819efe696b5a582a906a50e4dbe7760bb96fa7d1d63ea3
+SHA512 (cjdns-v20.6.tar.gz) = 34057583f2215899b96f95cc60ba0532aff12834ad2c4b432a6752c811f60ed3d6d33ec82e039b159f090558020faf69c71b373ac33ca9e41b186be0b87c3332