JFTR, I am looking at ways to drop the missing hash entry to a warning before the xenial release. But if I do this, this will be temporarily, and will become an error again starting in January. It will also not apply to the Nvidia repository, as MD5 is too weak to be trusted in any case.
But warnings are always dubious: Most tools do not even show them at all (almost all the graphical ones). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1558331 Title: message "The repository is insufficiently signed by key (weak digest)" is poorly worded To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558331/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
