Public bug reported: Since xenial updated the requirements for the strength of PGP signatures of packages, packages from some repositories are no longer updated. Apt- get update reports these errors:
E: Failed to fetch http://[...]/Release No Hash entry in Release file /var/lib/apt/lists/partial/[...] which is considered strong enough for security purposes E: Some index files failed to download. They have been ignored, or old ones used instead. While the motivation for the change is valid, the result is a potential security problem, as the new versions of the packages that may fix recently discovered vulnerabilities are not automatically installed. One less important but unfortunate effect is a scary message that is displayed to the user, without clear explanation that the problem needs to be addressed by the repository owner. Related: Bug #1558331 ** Affects: apt (Ubuntu) Importance: Undecided Status: New ** Tags: xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1562733 Title: apt signature requierements prevent updates from some repositories To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1562733/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
