While doing a package upgrade
I saw this
..................................................................[done (2.2 MiB/s)]
Warning: Digest verification failed for file 'MozillaFirefox-47.0.1-541.2.x86_64.rpm'
[/var/cache/zypp/packages/MozillaFACTORY/x86_64/MozillaFirefox-47.0.1-541.2.x86_64.rpm]
expected ab94e037ad3568d8d09088d1e32e2bc3057ff219d3171085170e9fe1eae115da
but got 2c7af9fd04b5c9d8e230fd928a65135696c880088c94559c7a5e8d9f0c062ed7
Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise.
However if you made certain that the file with checksum '2c7a..' is secure, correct
and should be used within this operation, enter the first 4 characters of the checksum
to unblock using this file on your own risk. Empty input will discard the file.
Unblock or discard? [2c7a/? shows all options] (discard):
I hit <ENTER> to accept the default and "discard"
Instead of discarding it, it ACCEPTED the upgrade as started to download it
Retrieving: MozillaFirefox-47.0.1-541.2.x86_64.rpm .........................................................................................<77%>=======================
and eventually installed it
--
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-security+owner(a)opensuse.org