Warning in Debian package repository: weak signature. #12
Description
The APT software in Debian unstable/testing has now been updated to reject weak digest algorithms, most notably SHA1. The following warning is given, which will soon become an error, and prevent the package from being downloaded or installed:
http://dswd.github.com/Swine/repository/deb/dists/stable/InRelease: Signature by key C900543D4342460D81227C7C5D9944AB735F5C51 uses weak digest algorithm (SHA1)
The Debian wiki says:
"Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256. ... [The above warning] means the GPG signature on the Release file was made with SHA1 as the hash (= digest) algorithm."
Please could you upgrade your release file so that the repository continues to work?
Thanks!