google chrome repositories is one of the other.
It looks like SHA1 signing keys has been deprecated :
https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-
apt-sha1/
Please at least add SHA2 in PPAs.
--
You received this bug notification because you are a member of Ubuntu
I have 6 external repos configured, and all 6 fire the warning.
If nothing else, the warning really needs to be re-worded.
"insufficiently signed" and then (weak digest) at the end is not very
straight forward.
W: gpgv:/var/lib/apt/lists/ppa.launchpad.net_js-reynaud_kicad-
Can someone please set this bug to the highest reasonable importance?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1558331
Title:
After upgrading to apt 1.2.7 in Xenial, PPAs and most other third-
@Michael
i've activated your 'staging' ppa , and i confirm the pachage (plasma)
is not loaded as it should (synaptic used)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1558331
Title:
After
No, the PPAs don't need new keys - we just need to upgrade the digest
algorithm used for signing. See the bug of which I've just marked this
as a duplicate.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I'm having the same issue with the google talk plugin, remmina, shutter,
and variety:
W:
gpgv:/var/lib/apt/lists/ppa.launchpad.net_peterlevi_ppa_ubuntu_dists_xenial_InRelease:
The repository is insufficiently signed by key
876E675CB1AABA3494F27BA6C45A53C1A546BE4F (weak digest)
W:
@ Michael
i've not tried your ppas, but canonical-x one, and the upgraded packages
can be loaded as expected, even if the error is shown (as explained into
#3 link).
On your side, to upgrade your ppas, i suppose you need to: 1) purge the
actual key(s), 2) build new one(s) with sha2 to please the
Actually, I guess this may not be a duplicate because there may be other
third-party repositories that need to do similar things (signing with
--digest-algo SHA512 or the equivalent). But see bug 155 for the
PPA case.
--
You received this bug notification because you are a member of Ubuntu
I know that the PPAs need new keys, but it is not obvious how to do
that. After extensive searching, I still cannot figure out how to do
that.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1558331
Hmm, it looks like the combination of the warnings and errors may be
especially confusing. I have several PPAs and the Google Chrome
repository on my system. The PPAs have the packages themselves signed
with SHA256, but the GPG key is only SHA1. These repositories should
work, but display an
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: apt (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1558331
Title:
After
Explanations about the 1.2.7 changelog:
https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-
apt-sha1/
Indeed that message is now uselessly worrying users. Please silence that "104
warning message"; it will only scared the community.
** Tags added: xenial
--
You received
12 matches
Mail list logo