Possible problem updating

When I run sudo apt-get update in 16.04, I am getting a curious 3 lines at the end:

W: http://debian.yeasoft.net/btsync/dists/unstable/InRelease: Signature by key 06ABBEA18548527F04A2FC2840FC0CD26BF18B15 uses weak digest algorithm (SHA1)

W: http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg: Signature by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 uses weak digest algorithm (SHA1)

W: http://download.videolan.org/pub/debian/stable/Release.gpg: Signature by key 8F0845FE77B16294429A79346BCA5E4DB84288D9 uses weak digest algorithm (SHA1)

I am guessing that these lines are related to VLC, which was already installed, and google chrome and BTsync which I installed myself. Anybody any ideas if this is a problem and how to fix it

Hi steve

Yep, we are all getting this. Something that the other end will take care of in time I guess.

I just performed apt update, upgrade, autoremove and watched carefully… These are the only 2 messages produced that I wasn’t expecting.

AppStream cache update completed, but some metadata was ignored due to errors.

update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults

If the 3 messages are related to this I think it will get fixed without individual end user actions

Got me on that. Sounds unrelated to your link.

@anon42388993 My wording wasn’t exactly clear :sleepy:
1 - the messages I posted were the results of my actions, ie I didn’t have any problems
2 - The link was about @stevecook172001 post

Its a bug Steve!:

It’s not a bug.

New versions of apt have deprecated insecure crypto and hashing algorithms. Those repositories are using SHA1 which will be removed from apt in 2017. The repository maintainers need to update their repositories, I’m part of the Debian team trying to contact 3rd party repository maintainers and request they upgrade.

3 Likes