[Bug 1130281] New: Wrong digest: Installation of apparmor fails due to checksum mismatches
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281 Bug ID: 1130281 Summary: Wrong digest: Installation of apparmor fails due to checksum mismatches Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: x86-64 OS: Linux Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: thomas.schulte@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hi! This weekend I tried to install a fresh openSUSE Leap 15 system a few times in different environments using the official repositories, but this constantly fails due to sha256 mismatches of the apparmor* / libapparmor* packages. For example: 2019-03-24 05:39:45 <2> static(3360) [FileChecker] FileChecker.cc(operator()):64 File /mnt/var/cache/zypp/packages/download.opensuse.org-oss_1/noarch/apparmor-docs-2.12-lp150.6.6.1.noarch.rpm has wrong checksum sha256-9a9f16c0db35e8936dcd087019ab9bcb5de92c3f66dec43ebfe262c60671e003 (expected sha256-607e9527fc21811b82da32adfc70b654fe4157ae58b7a3ca6e5458c08b7fe1b8) I'm going to attach the y2log here. I also tried to install these packages in a fresh Docker container (completely different environment), but this fails as well:
# docker pull opensuse/leap:15.0 15.0: Pulling from opensuse/leap Digest: sha256:f5145e07e5eee3808d760b9d80eef2824517051548c727096ade047bcb08818a Status: Image is up to date for opensuse/leap:15.0
# docker run --rm -it opensuse/leap:15.0 bash # zypper ref # zypper in libapparmor1 ... Warning: Digest verification failed for file 'libapparmor1-2.12-lp150.6.6.1.x86_64.rpm' [/var/tmp/AP_0xPF5mLM/x86_64/libapparmor1-2.12-lp150.6.6.1.x86_64.rpm]
expected d05d76d8af190316b9975e2171b7729e8d9ecaf00503dbde0164e5e0746c470c but got 9216bc50c9591cccfb33d43aa3240f0321d9a6dfbfc22ac71eb4f63909a8f319
It seems that currently it's not possible to do an installation of openSUSE Leap 15.0 with default options anymore. Was this possibly caused by a maintenance release of apparmor? Maybe this? https://build.opensuse.org/package/show/openSUSE:Leap:15.0:Update/patchinfo.... Thanks! Thomas -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281#c1
--- Comment #1 from Thomas Schulte
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281#c2
--- Comment #2 from Thomas Schulte
Maybe this? https://build.opensuse.org/package/show/openSUSE:Leap:15.0:Update/patchinfo. 9211?rev=3
Hmm, I found a system which has one of the affected packages "libapparmor1-2.12-lp150.6.6.1.x86_64" already installed since 15 Jan 2019, so this does not seem to be a new package version. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281#c4
Neil Rickert
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281#c5
Dmitry Strizhenko
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281
http://bugzilla.opensuse.org/show_bug.cgi?id=1130281#c6
Andreas Stieger
participants (1)
-
bugzilla_noreply@novell.com