Fixing Debian Repository?

Hello,

When on Debian sid , apt update:

W: http://packages.elastic.co/elasticsearch/2.x/debian/dists/stable/Release.gpg: Signature by key 46095ACC8548582C1A2699A9D27D666CD88E42B4 uses weak digest algorithm (SHA1)

You can read about SHA1 removal at Debian Wiki, I will add your repository,
https://wiki.debian.org/Teams/Apt/Sha1Removal

Do you think it is fixable ?

Thank you !

This will affect users outside of sid, newer versions of ubuntu, I believe 15.10+

Ubuntu 16.04 also got this issue. Please fix the repository.

Bump,

Please update this bug. It's a trivial fix to the repository. This will through security red flags all over the place.

My understanding is that it'll be fixed for 5.0 though I don't have the
issue link handy.

The public issue is #17724.