Skip to content

25.3.8-fips: fixes for verification issues#1616

Merged
mkmkme merged 3 commits intoreleases/25.3.8-fipsfrom
mkmkme/fips/fixes
Apr 7, 2026
Merged

25.3.8-fips: fixes for verification issues#1616
mkmkme merged 3 commits intoreleases/25.3.8-fipsfrom
mkmkme/fips/fixes

Conversation

@mkmkme
Copy link
Copy Markdown
Collaborator

@mkmkme mkmkme commented Apr 3, 2026

Changelog category (leave one):

  • Not for changelog (changelog entry is not required)

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

...

Documentation entry for user-facing changes

...

CI/CD Options

Exclude tests:

  • Fast test
  • Integration Tests
  • Stateless tests
  • Stateful tests
  • Performance tests
  • All with ASAN
  • All with TSAN
  • All with MSAN
  • All with UBSAN
  • All with Coverage
  • All with Aarch64
  • All Regression
  • Disable CI Cache

Regression jobs to run:

  • Fast suites (mostly <1h)
  • Aggregate Functions (2h)
  • Alter (1.5h)
  • Benchmark (30m)
  • ClickHouse Keeper (1h)
  • Iceberg (2h)
  • LDAP (1h)
  • Parquet (1.5h)
  • RBAC (1.5h)
  • SSL Server (1h)
  • S3 (2h)
  • S3 Export (2h)
  • Swarms (30m)
  • Tiered Storage (2h)

mkmkme added 3 commits April 3, 2026 15:43
@mkmkme
shim: fix a memory leak in BIO_do_handshake
714e479 
in SSL_set_bio, if `rbio == wbio`, there's an internal `BIO_up_ref` call
by the function [1]. Doing it manually creates a memory leak. Let's fix
it.

[1] https://github.com/aws/aws-lc/blob/AWS-LC-FIPS-2.0.0/ssl/ssl_lib.cc#L748
@mkmkme
CompressionCodecEncrypted: fix the non-fips build
76d9efa 
Non-fips build uses `*_SIV` algorithms, so let's reflect it in
`registerCodecEncrypted` as well.
@mkmkme
Compression: fix the copy-paste error in fuzzer
80cbce6 
on fips build, `*_SIV` are not defined. Let's fix it.
@mkmkme mkmkme added fips Work related to Altinity FIPS releases fips-25.3 fips-25.3.8.30001 labels Apr 3, 2026
@mkmkme mkmkme mentioned this pull request Apr 3, 2026
Merged
27 tasks
This was referenced Apr 6, 2026
Merged
Merged
@DimensionWieldr
Copy link
Copy Markdown
Collaborator

DimensionWieldr commented Apr 6, 2026

Fixes issues found in #1451 and #1471 . LGTM

AI audit returned no defects found.

@DimensionWieldr DimensionWieldr added the verified Approved for release label Apr 6, 2026
@mkmkme mkmkme merged commit d9c0a8f into releases/25.3.8-fips Apr 7, 2026
271 of 314 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

fips Work related to Altinity FIPS releases fips-25.3 fips-25.3.8.30001 verified Approved for release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mkmkme @DimensionWieldr