On OpenSUSE Tw

zypper lr
Repository priorities are without effect. All enabled repositories share the same priority.

#  | Alias                               | Name                       | Enabled | GPG Check | Refresh
---+-------------------------------------+----------------------------+---------+-----------+--------
 1 | download.opensuse.org-non-oss       | Main Repository (NON-OSS)  | Yes     | (r ) Yes  | Yes    
 2 | download.opensuse.org-oss           | Main Repository (OSS)      | Yes     | (r ) Yes  | Yes    
 3 | download.opensuse.org-tumbleweed    | Main Update Repository     | Yes     | (r ) Yes  | Yes    
 4 | http-download.opensuse.org-447cf2a7 | openSUSE:Factory           | No      | ----      | ----  
 5 | http-download.opensuse.org-6925c72a | hardware:razer             | Yes     | (r ) Yes  | Yes    
 6 | http-download.opensuse.org-e45a9633 | openSUSE:Tumbleweed        | No      | ----      | ----  
 7 | http-download.opensuse.org-f3a8d516 | home:Horst3180             | Yes     | (r ) Yes  | Yes    
 8 | http-ftp.gwdg.de-2eba93dd           | Packman Repository         | Yes     | (r ) Yes  | Yes    
 9 | http-opensuse-guide.org-da5f09af    | libdvdcss repository       | Yes     | (r ) Yes  | Yes    
10 | repo-debug                          | openSUSE-Tumbleweed-Debug  | No      | ----      | ----  
11 | repo-source                         | openSUSE-Tumbleweed-Source | No      | ----      | ----   

When I do zypper dup, I get :

Retrieving package glibc-2.31-3.2.x86_64                                                                                (5/418),   1.7 MiB (  5.9 MiB unpacked)
Retrieving: glibc-2.31-3.2.x86_64.rpm .......................................................................................................[done (1.3 MiB/s)]

Warning: Digest verification failed for file 'glibc-2.31-3.2.x86_64.rpm'
[/var/tmp/AP_0xTh4ctF/x86_64/glibc-2.31-3.2.x86_64.rpm]

  expected 5d1bb5abf4e3b5abbf191469151c2923a80c3545a7add6b2d6051617102bbaba
  but got  a89ae86e05e55440b3cdf4cf39ae1323fb87459a7968aaeafed6c9f1d2f2f066

For consistently the same packages. I have tried:

# zypper ref (tried --force too)
# zypper clean
# zypper dup

multiple times but keep getting the same issue.

Some packages are even reporting multiple different digests on retrying: (Following is from one run)


Retrieving package gcc9-info-9.2.1+git1192-1.3.noarch                                                                 (174/418),   2.3 MiB (  2.2 MiB unpacked)
Retrieving: gcc9-info-9.2.1+git1192-1.3.noarch.rpm ........................................................................................[done (790.2 KiB/s)]

Warning: Digest verification failed for file 'gcc9-info-9.2.1+git1192-1.3.noarch.rpm'
[/var/tmp/AP_0xTh4ctF/noarch/gcc9-info-9.2.1+git1192-1.3.noarch.rpm]

  expected 0474686086f939eaa42921d38542824b8066fb0f49902ac29b16876693e37802
  but got  b13c9fde9d2dbcf03cdf49048fa0088c56ae19e4e925020f41cbf1ac67a5a845

Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise.

However if you made certain that the file with checksum 'b13c..' is secure, correct
and should be used within this operation, enter the first 4 characters of the checksum
to unblock using this file on your own risk. Empty input will discard the file.

Unblock or discard? [b13c/...? shows all options] (discard):
Package gcc9-info-9.2.1+git1192-1.3.noarch (Main Repository (OSS)) seems to be corrupted during transfer. Do you want to retry retrieval?
Abort, retry, ignore? [a/r/i] (a): r
Retrieving package gcc9-info-9.2.1+git1192-1.3.noarch                                                                 (174/418),   2.3 MiB (  2.2 MiB unpacked)
Retrieving: gcc9-info-9.2.1+git1192-1.3.noarch.rpm ..........................................................................................[done (1.5 MiB/s)]

Warning: Digest verification failed for file 'gcc9-info-9.2.1+git1192-1.3.noarch.rpm'
[/var/tmp/AP_0xTh4ctF/noarch/gcc9-info-9.2.1+git1192-1.3.noarch.rpm]

  expected 0474686086f939eaa42921d38542824b8066fb0f49902ac29b16876693e37802
  but got  d544e4e1439a2a79ea65173bb2c142a26f1ca1818d21a4d2c9264ccc853fe0ae

Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise.

However if you made certain that the file with checksum 'd544..' is secure, correct
and should be used within this operation, enter the first 4 characters of the checksum
to unblock using this file on your own risk. Empty input will discard the file.

Unblock or discard? [d544/...? shows all options] (discard):
Package gcc9-info-9.2.1+git1192-1.3.noarch (Main Repository (OSS)) seems to be corrupted during transfer. Do you want to retry retrieval?
Abort, retry, ignore? [a/r/i] (a): r
Retrieving package gcc9-info-9.2.1+git1192-1.3.noarch                                                                 (174/418),   2.3 MiB (  2.2 MiB unpacked)
Retrieving: gcc9-info-9.2.1+git1192-1.3.noarch.rpm ..........................................................................................[done (1.3 MiB/s)]

Warning: Digest verification failed for file 'gcc9-info-9.2.1+git1192-1.3.noarch.rpm'
[/var/tmp/AP_0xTh4ctF/noarch/gcc9-info-9.2.1+git1192-1.3.noarch.rpm]

  expected 0474686086f939eaa42921d38542824b8066fb0f49902ac29b16876693e37802
  but got  d544e4e1439a2a79ea65173bb2c142a26f1ca1818d21a4d2c9264ccc853fe0ae

Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise.

However if you made certain that the file with checksum 'd544..' is secure, correct
and should be used within this operation, enter the first 4 characters of the checksum
to unblock using this file on your own risk. Empty input will discard the file.

Unblock or discard? [d544/...? shows all options] (discard):
Package gcc9-info-9.2.1+git1192-1.3.noarch (Main Repository (OSS)) seems to be corrupted during transfer. Do you want to retry retrieval?
Abort, retry, ignore? [a/r/i] (a): r
Retrieving package gcc9-info-9.2.1+git1192-1.3.noarch                                                                 (174/418),   2.3 MiB (  2.2 MiB unpacked)
Retrieving: gcc9-info-9.2.1+git1192-1.3.noarch.rpm ..........................................................................................[done (1.3 MiB/s)]

Warning: Digest verification failed for file 'gcc9-info-9.2.1+git1192-1.3.noarch.rpm'
[/var/tmp/AP_0xTh4ctF/noarch/gcc9-info-9.2.1+git1192-1.3.noarch.rpm]

  expected 0474686086f939eaa42921d38542824b8066fb0f49902ac29b16876693e37802
  but got  b13c9fde9d2dbcf03cdf49048fa0088c56ae19e4e925020f41cbf1ac67a5a845

Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise.

However if you made certain that the file with checksum 'b13c..' is secure, correct
and should be used within this operation, enter the first 4 characters of the checksum
to unblock using this file on your own risk. Empty input will discard the file.

Unblock or discard? [b13c/...? shows all options] (discard):