I have 6 external repos configured, and all 6 fire the warning. If nothing else, the warning really needs to be re-worded. "insufficiently signed" and then (weak digest) at the end is not very straight forward.
W: gpgv:/var/lib/apt/lists/ppa.launchpad.net_js-reynaud_kicad- 4_ubuntu_dists_xenial_InRelease: The repository is insufficiently signed by key 5F1E4C625E24069D9072394F83FBAD2D910F124E (weak digest) deb http://downloads.hipchat.com/linux/apt stable main deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main deb http://ppa.launchpad.net/js-reynaud/kicad-4/ubuntu xenial main deb http://ppa.launchpad.net/nilarimogard/webupd8/ubuntu wily main deb http://repo.steampowered.com/steam/ precise steam deb http://ppa.launchpad.net/webcamstudio/webcamstudio-dailybuilds/ubuntu xenial main -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1558331 Title: After upgrading to apt 1.2.7 in Xenial, PPAs and most other third- party repositories become unusable with "The repository is insufficiently signed by key (weak digest)" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558331/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs