While doing a package upgrade I saw this ..................................................................[done (2.2 MiB/s)] Warning: Digest verification failed for file 'MozillaFirefox-47.0.1-541.2.x86_64.rpm' [/var/cache/zypp/packages/MozillaFACTORY/x86_64/MozillaFirefox-47.0.1-541.2.x86_64.rpm] expected ab94e037ad3568d8d09088d1e32e2bc3057ff219d3171085170e9fe1eae115da but got 2c7af9fd04b5c9d8e230fd928a65135696c880088c94559c7a5e8d9f0c062ed7 Accepting packages with wrong checksums can lead to a corrupted system and in extreme cases even to a system compromise. However if you made certain that the file with checksum '2c7a..' is secure, correct and should be used within this operation, enter the first 4 characters of the checksum to unblock using this file on your own risk. Empty input will discard the file. Unblock or discard? [2c7a/? shows all options] (discard): I hit <ENTER> to accept the default and "discard" Instead of discarding it, it ACCEPTED the upgrade as started to download it Retrieving: MozillaFirefox-47.0.1-541.2.x86_64.rpm .........................................................................................<77%>======================= and eventually installed it -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org