Advertising

Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

Error when "sudo apt-get update"

Started by hallenberger, March 24, 2016, 03:17:17 PM

Previous topic - Next topic

hallenberger

Hello!

Since some days I get the following error, when I try to update the system:


W: gpgv:/var/lib/apt/lists/sparkylinux.org_repo_dists_testing_InRelease: The repository is insufficiently signed by key 9F5CDA37669C216973D771F61CE63BD7D117204E (weak digest)
W: gpgv:/var/lib/apt/lists/deb.playonlinux.com_dists_squeeze_InRelease: The repository is insufficiently signed by key 74F7358425EEB6176094C884E0F72778C4676186 (weak digest)
W: gpgv:/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release.gpg: The repository is insufficiently signed by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 (weak digest)
N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://dl.google.com/linux/chrome/deb stable InRelease' doesn't support architecture 'i386'
W: gpgv:/var/lib/apt/lists/APT.spideroak.com_ubuntu-spideroak-hardy_dists_release_Release.gpg: The repository is insufficiently signed by key FE45E5330B11DCF03247EF49A6FF22FF08C15DD0 (weak digest)
W: gpgv:/var/lib/apt/lists/partial/dl.google.com_linux_earth_deb_dists_stable_Release.gpg: The repository is insufficiently signed by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 (weak digest)
W: gpgv:/var/lib/apt/lists/linux.dropbox.com_debian_dists_sid_Release.gpg: The repository is insufficiently signed by key 1C61A2656FB57B7E4DE0F4C1FC918B335044912E (weak digest)
W: Failed to fetch http://dl.google.com/linux/earth/deb/dists/stable/Release  No Hash entry in Release file /var/lib/apt/lists/dl.google.com_linux_earth_deb_dists_stable_Release, which is considered strong enough for security purposes
W: Failed to fetch http://APT.spideroak.com/ubuntu-spideroak-hardy/dists/release/Release  No Hash entry in Release file /var/lib/apt/lists/APT.spideroak.com_ubuntu-spideroak-hardy_dists_release_Release, which is considered strong enough for security purposes


What is wrong?

regards

thomas

paxmark1

#1
I thought about posting this from Debian Planet a few days ago.  It might be

https://blog.ganneff.de/2016/03/removing-checksums.html

https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/

I have not fired up sparky, had to go sit with someone at hospital (I got paid).

peace out,

Edit added

https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/

Search forum for "More info easier via inxi"    If requested -  no inxi, no help for you by  me.

py-thon

I got similar "weak digest" messages from synaptic today with respect to the repos of sparky, vivaldi and linuxmint.

The update/upgrade process still works as before but apt (starting with version 1.2.7) now triggers a warning if a repository still uses a key with SHA1 because SHA1 is no longer considered trustworthy.

This is not something we (the users) can change. It has to be done by the repositories' maintainers.
Tower and Notebook: Sparky 64bit MATE

hallenberger

Thank you for the information.

regards

thomas

pavroo

Nothing is easy as it looks. Danielle Steel
Join #sparkylinux.org at irc.libera.chat

py-thon

Thanks @ pavroo.
You are quicker than vivaldi or linuxmint  ;)
Tower and Notebook: Sparky 64bit MATE

View the most recent posts on the forum