What situation is my system in right now? have all those packages been installed without any proof whatsoever that they were legit and original packages bye suse llc? What do I need to do now? Am I imagining? According to https://bugzilla.opensuse.org/show_bug.cgi?id=1184326#c1
On Thu, 29 Apr 2021 16:34:50 +0200 cagsm wrote: there are two layers of verification: 1) package checksum in the signed repository metadata checked by zypper 2) individual package signatures checked by rpm. step 1) was done successfully during the upgrade for each installed package, step 2) was skipped for the packages signed by the missing keys. This bugzilla comment also says "Nevertheless the system is secure:" My advice would be: before upgrading a critical system to a new version check the open bug reports for this version, especially when it is still in the RC phase and not released yet. Kind regards, Dieter