repository uses weak digest algorithm (SHA1)

[Matthias Bodenbinder <matthias@bodenbinder.de>]

Hi,

I have a weird signature issue with an LMDE Mint repository. I know that this is not pure debian but nevertheless I think my question is best posted here.

The issue is: I have 4 PC and 1 laptop at home. All running LMDE2. When I do "apt-get update" the PCs have no issue. But the laptop says:

# last 2 lines of "apt-get update" output        
W: http://linux-mint.froonix.org/dists/betsy/Release.gpg: Signature by key E1A38B8F144675D060EA666F3EE67F3D0FF405B2 uses weak digest algorithm (SHA1)
W: http://extra.linuxmint.com/dists/betsy/Release.gpg: Signature by key E1A38B8F144675D060EA666F3EE67F3D0FF405B2 uses weak digest algorithm (SHA1)
##

I reinstalled all keyring debs on the laptop. 



I am using the exact same sources on the laptop and the PCs (rsync of /etc/apt/sources.list*). During the last test I even rsync'ed all /etc/apt/trusted* to the laptop. 

I tried to fetch it via apt-key:

##
# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E1A38B8F144675D060EA666F3EE67F3D0FF405B2
Executing: /tmp/tmp.9xZlldxhO9/gpg.1.sh --keyserver
keyserver.ubuntu.com
--recv-keys
E1A38B8F144675D060EA666F3EE67F3D0FF405B2
gpg: requesting key 0FF405B2 from hkp server keyserver.ubuntu.com
gpg: key 0FF405B2: "Clement Lefebvre (Linux Mint Package Repository v1) <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
##

But the laptop keeps throwing these signature warnings - and only the laptop. Why is that? 

Thank you for your help.
Matthias