Fixing Debian Repository?

i5513 · May 26, 2016, 9:46pm

Hello,

When on Debian sid , apt update:

W: http://packages.elastic.co/elasticsearch/2.x/debian/dists/stable/Release.gpg: Signature by key 46095ACC8548582C1A2699A9D27D666CD88E42B4 uses weak digest algorithm (SHA1)

You can read about SHA1 removal at Debian Wiki, I will add your repository,
https://wiki.debian.org/Teams/Apt/Sha1Removal

Do you think it is fixable ?

Thank you !

majormoses · May 27, 2016, 12:30am

This will affect users outside of sid, newer versions of ubuntu, I believe 15.10+

KervyN · June 29, 2016, 6:51am

Ubuntu 16.04 also got this issue. Please fix the repository.

markdaku · July 9, 2016, 1:06pm

Bump,

Please update this bug. It's a trivial fix to the repository. This will through security red flags all over the place.

nik9000 · July 9, 2016, 10:44pm

My understanding is that it'll be fixed for 5.0 though I don't have the
issue link handy.

jasontedor · July 10, 2016, 3:26pm

The public issue is #17724.

Topic		Replies	Views
ElasticSearch 7 APT repository - hash sum mismatch Elasticsearch	8	1234	May 26, 2020
Debian repository checksum mismatch Elasticsearch	16	97	November 13, 2024
Problems with debian repository Elasticsearch	1	452	July 5, 2017
Installation problems - Public key not available Elasticsearch	3	8101	April 21, 2022
APT repository failing Elasticsearch	4	690	October 20, 2021