After a lot of further input, the text was changed in APT 1.2.8 to read: W: http://example.com/InRelease: Signature by key 0123456789ABCDEF0123456789ABCDEF01234567 uses weak digest algorithm (SHA1)
The other message: W: Failed to fetch http://example.com/InRelease No Hash entry in Release file /var/lib/apt/lists/partial/example.com_InRelease, which is considered strong enough for security purposes now has an E in front of it: E: Failed to fetch http://example.com/InRelease No Hash entry in Release file /var/lib/apt/lists/partial/example.com_InRelease, which is considered strong enough for security purposes This should hopefully clarify things and be less annoying. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1558331 Title: message "The repository is insufficiently signed by key (weak digest)" is poorly worded Status in apt package in Ubuntu: Confirmed Bug description: The title pretty much says it all. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558331/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp