When running apt update in Ubuntu MATE 16.04

ricky2 · 18 March 2016 22:16

1 package can be upgraded. Run ‘apt list --upgradable’ to see it.
W: gpgv:/var/lib/apt/lists/ppa.launchpad.net_flexiondotorg_hal-flash_ubuntu_dists_xenial_InRelease: The repository is insufficiently signed by key 824A27DD09DEDA33BF7835962EA8F35793D8809A (weak digest)
W: gpgv:/var/lib/apt/lists/partial/ppa.launchpad.net_ubuntu-mate-dev_welcome_ubuntu_dists_xenial_InRelease: The repository is insufficiently signed by key 709A860A600B9A61FEF5346AFB01CC26162506E7 (weak digest)

I don’t know how to deal with this…

elcste · 18 March 2016 23:32

You can ignore it since it’s just a warning. It’s warning the repo that is signed with a weak key, probably SHA1. The change is discussed in a couple of blog posts by a Debian/Ubuntu developer: https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/ and https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/.

lah7 · 18 March 2016 23:38

Debian have made some changes to signature verification, in which Ubuntu will be following suit. So some repositories may temporarily show this warning.

lah7 · 19 March 2016 10:22

Also, see @Wimpy’s announcement:

wolfman · 19 March 2016 14:13

I just ran today’s updates and everything went fine with no messages at all running UM 16.04!.