Bug#850839: apt: insufficient information about untrusted hash algorithm

[Julian Andres Klode <jak@debian.org>]

Control: forcemerge 848146 -1

On Tue, Jan 10, 2017 at 05:59:29PM +0100, Robert Scheer wrote:
> Package: apt
> Version: 1.4~beta2
> Severity: wishlist

I'd say it's minor, it's a cosmetic issue, not new functionality
or hard to do stuff.

> 
> Hi, I have struggled a pretty long time trying to find out why Debian
> stretch would complain about our private package repository, while it
> works perfectly well on Debian jessie and below. 
[...]
> And then I read gnupg/g10/mainproc.c and apt/methods/gpgv.cc
> to find out that it is probably the SHA-1 digest algorithm apt
> doesn't like, which led me to the relative simple fix found on
> https://debian-administration.org/users/dkg/weblog/48

We're tracking this in #848146 already, so I'm merging these
two (which implicitly also aligns the severity to the one
of the other bug).


-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
                  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.