SparkyLinux Forums

Installation & Upgrade => System upgrading => Topic started by: hallenberger on March 24, 2016, 03:17:17 PM

Title: Error when "sudo apt-get update"
Post by: hallenberger on March 24, 2016, 03:17:17 PM
Hello!

Since some days I get the following error, when I try to update the system:


W: gpgv:/var/lib/apt/lists/sparkylinux.org_repo_dists_testing_InRelease: The repository is insufficiently signed by key 9F5CDA37669C216973D771F61CE63BD7D117204E (weak digest)
W: gpgv:/var/lib/apt/lists/deb.playonlinux.com_dists_squeeze_InRelease: The repository is insufficiently signed by key 74F7358425EEB6176094C884E0F72778C4676186 (weak digest)
W: gpgv:/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release.gpg: The repository is insufficiently signed by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 (weak digest)
N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://dl.google.com/linux/chrome/deb stable InRelease' doesn't support architecture 'i386'
W: gpgv:/var/lib/apt/lists/APT.spideroak.com_ubuntu-spideroak-hardy_dists_release_Release.gpg: The repository is insufficiently signed by key FE45E5330B11DCF03247EF49A6FF22FF08C15DD0 (weak digest)
W: gpgv:/var/lib/apt/lists/partial/dl.google.com_linux_earth_deb_dists_stable_Release.gpg: The repository is insufficiently signed by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 (weak digest)
W: gpgv:/var/lib/apt/lists/linux.dropbox.com_debian_dists_sid_Release.gpg: The repository is insufficiently signed by key 1C61A2656FB57B7E4DE0F4C1FC918B335044912E (weak digest)
W: Failed to fetch http://dl.google.com/linux/earth/deb/dists/stable/Release  No Hash entry in Release file /var/lib/apt/lists/dl.google.com_linux_earth_deb_dists_stable_Release, which is considered strong enough for security purposes
W: Failed to fetch http://APT.spideroak.com/ubuntu-spideroak-hardy/dists/release/Release  No Hash entry in Release file /var/lib/apt/lists/APT.spideroak.com_ubuntu-spideroak-hardy_dists_release_Release, which is considered strong enough for security purposes


What is wrong?

regards

thomas
Title: Re: Error when "sudo apt-get update"
Post by: paxmark1 on March 25, 2016, 05:35:25 AM
I thought about posting this from Debian Planet a few days ago.  It might be

https://blog.ganneff.de/2016/03/removing-checksums.html

https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/

I have not fired up sparky, had to go sit with someone at hospital (I got paid).

peace out,

Edit added

https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/

Title: Re: Error when "sudo apt-get update"
Post by: py-thon on March 25, 2016, 05:16:27 PM
I got similar "weak digest" messages from synaptic today with respect to the repos of sparky, vivaldi and linuxmint.

The update/upgrade process still works as before but apt (starting with version 1.2.7) now triggers a warning if a repository still uses a key with SHA1 because SHA1 is no longer considered trustworthy.

This is not something we (the users) can change. It has to be done by the repositories' maintainers.
Title: Re: Error when "sudo apt-get update"
Post by: hallenberger on March 25, 2016, 05:18:07 PM
Thank you for the information.

regards

thomas
Title: Re: Error when "sudo apt-get update"
Post by: pavroo on March 25, 2016, 11:18:33 PM
It's alredy fixed.
Title: Re: Error when "sudo apt-get update"
Post by: py-thon on March 26, 2016, 06:01:49 PM
Thanks @ pavroo.
You are quicker than vivaldi or linuxmint  ;)