Hi Jens, We got that issue reported once, but we never got a reproducible path for it. https://github.com/bareos/bareos/issues/2353
Could you develop a bit more how your system was provisioned to get that error. Regards. If you have interesting details, you can reopen the issue and add them there. On Wednesday, 15 October 2025 at 13:00:23 UTC+2 [email protected] wrote: > Hello guys, > > after upgrading a server to Debian 13 I get this warning when I do an 'apt > update'. > > root@gandalf# LC_ALL=C apt update --audit > Hit:1 https://download.bareos.org/current/Debian_13 InRelease > <snip> > All packages are up to date. > Warning: https://download.bareos.org/current/Debian_13/InRelease: Policy > will reject signature within a year, see --audit for details > Audit: https://download.bareos.org/current/Debian_13/InRelease: > Sub-process /usr/bin/sqv returned an error code (1), error message is: > Signing key on 82834CF002D89BA55C1ED0AA42DA24A6DFEF9127 is not bound: > No binding signature at time 2025-10-09T09:15:50Z > because: Policy rejected non-revocation signature > (PositiveCertification) requiring second pre-image resistance > because: SHA1 is not considered secure since 2026-02-01T00:00:00Z > > I've just looked up if I have the most recent key and at least I haven't > found a newer one on the website. > > Right now this is not an issue but as far as I understand the message it > will be a problem from 2026-02-01. Are there any plans to create are more > secure key (sorry if I mix up keys, signatures etc. because I'm not too > familiar with these things). > > Greetings, Jens > -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/bareos-users/6dcdf665-45ef-42b4-950e-326911f0f37cn%40googlegroups.com.
