Bug ID 1223095
Summary Repository "Validation Check Failed"
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.5
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component YaST2
Assignee yast2-maintainers@suse.de
Reporter garian.nobinger@gmail.com
QA Contact jsrain@suse.com
Target Milestone ---
Found By ---
Blocker ---

Going from Yast2 to Software Manager, in the last couple months I've started
getting a popup saying:

Validation Check Failed (in bold)

File repomd.xml from repository update-sle (15.5)
http://cdn.opensuse.org/update/leap/15.5/sle
is signed with the following GnuPG key, but the integrity check failed: 

ID: 70AF9E8139DB7C82
Fingerprint: FEAB 5025 39D8 46DB 2C09 61CA 70AF 9E81 39DB 7C82
Name: SuSE Package Signing Key <build@suse.de>
Created: 09/21/2020
Expires: 09/20/2024

The file has been changed, either by accident or by an attacker,
since the repository creator signed it. Using it is a big risk
for the integrity and security of your system.

Use it anyway? Y/N


Ive gone to https://en.opensuse.org/openSUSE:Signing_Keys
and looked for a matching key, but don't see one.  So I hesitate to blindly
trust it.  What's the deal with repo signatures suddenly breaking?  I've
ignored this for a few months thinking it was probably a temporary mistake that
would get resolved, but so far hasn't gone away.


You are receiving this mail because: