Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.12
-
None
-
Debian Testing AMD64
ii libmariadbclient18 10.1.12+maria-1~jessie amd64 MariaDB database client library
ii libmariadbclient-dev 10.1.12+maria-1~jessie amd64 MariaDB database development files
ii libmariadbd-dev 10.1.12+maria-1~jessie amd64 MariaDB embedded database, development files
ii mariadb-client-10.1 10.1.12+maria-1~jessie amd64 MariaDB database client binaries
ii mariadb-client-core-10.1 10.1.12+maria-1~jessie amd64 MariaDB database core client binaries
ii mariadb-common 10.1.12+maria-1~jessie all MariaDB database common files (e.g. /etc/mysql/conf.d/mariadb.cnf)
ii mariadb-server-10.1 10.1.12+maria-1~jessie amd64 MariaDB database server binaries
ii mariadb-server 10.1.12+maria-1~jessie all MariaDB database server (metapackage depending on the latest version)
ii mariadb-server-core-10.1 10.1.12+maria-1~jessie amd64 MariaDB database core server filesDebian Testing AMD64 ii libmariadbclient18 10.1.12+maria-1~jessie amd64 MariaDB database client library ii libmariadbclient-dev 10.1.12+maria-1~jessie amd64 MariaDB database development files ii libmariadbd-dev 10.1.12+maria-1~jessie amd64 MariaDB embedded database, development files ii mariadb-client-10.1 10.1.12+maria-1~jessie amd64 MariaDB database client binaries ii mariadb-client-core-10.1 10.1.12+maria-1~jessie amd64 MariaDB database core client binaries ii mariadb-common 10.1.12+maria-1~jessie all MariaDB database common files (e.g. /etc/mysql/conf.d/mariadb.cnf) ii mariadb-server-10.1 10.1.12+maria-1~jessie amd64 MariaDB database server binaries ii mariadb-server 10.1.12+maria-1~jessie all MariaDB database server (metapackage depending on the latest version) ii mariadb-server-core-10.1 10.1.12+maria-1~jessie amd64 MariaDB database core server files
Description
Hello @ll,
I hope, I have chosen the right project, component, severity, and the like ... If not, feel free to change 
I tried to upgrade my system today as usual with "apt-get update && apt-get upgrade", and got the error message
W: gpgv:/var/lib/apt/lists/ftp.hosteurope.de_mirror_mariadb.org_repo_10.1_debian_dists_jessie_InRelease: The repository is insufficiently signed by key 199369E5404BD5FC7D2FE43BCBCB082A1BB943DB (weak digest)
|
While searching the web for this message, I stumbled upon https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/, where I found a link to wiki.debian.org/Teams/Apt/Sha1Removal. In this wiki page, it says
Fixing broken repositories
Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256.
. I would like to ask if it would be possible to fix this bug as fast as possible to be able to use MariaDB's own repository to upgrade to newer versions.
Thanks in advance
Thomas.
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Description |
Hello @ll,
I hope, I have chosen the right project, component, severity, and the like ... If not, feel free to change :) I tried to upgrade my system today as usual with "apt-get update && apt-get upgrade", and got the error message <snip> W: gpgv:/var/lib/apt/lists/download.opensuse.org_repositories_isv:_ownCloud:_desktop_Debian%5f8.0_Release.gpg: The repository is insufficiently signed by key F9EA4996747310AE79474F44977C43A8BA684223 (weak digest) </snip> While searching the web for this message, I stumbled upon https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/, where I found a link to wiki.debian.org/Teams/Apt/Sha1Removal. In this wiki page, it says <quote> Fixing broken repositories Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256. </quote> . I would like to ask if it would be possible to fix this bug as fast as possible to be able to use MariaDB's own repository to upgrade to newer versions. Thanks in advance Thomas. |
Hello @ll,
I hope, I have chosen the right project, component, severity, and the like ... If not, feel free to change :) I tried to upgrade my system today as usual with "apt-get update && apt-get upgrade", and got the error message {noformat} W: gpgv:/var/lib/apt/lists/download.opensuse.org_repositories_isv:_ownCloud:_desktop_Debian%5f8.0_Release.gpg: The repository is insufficiently signed by key F9EA4996747310AE79474F44977C43A8BA684223 (weak digest) {noformat} While searching the web for this message, I stumbled upon https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/, where I found a link to wiki.debian.org/Teams/Apt/Sha1Removal. In this wiki page, it says {quote} Fixing broken repositories Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256. {quote} . I would like to ask if it would be possible to fix this bug as fast as possible to be able to use MariaDB's own repository to upgrade to newer versions. Thanks in advance Thomas. |
| Component/s | Packaging [ 10700 ] |
| Assignee | Daniel Bartholomew [ dbart ] |
| Due Date | 2016-04-23 |
| Description |
Hello @ll,
I hope, I have chosen the right project, component, severity, and the like ... If not, feel free to change :) I tried to upgrade my system today as usual with "apt-get update && apt-get upgrade", and got the error message {noformat} W: gpgv:/var/lib/apt/lists/download.opensuse.org_repositories_isv:_ownCloud:_desktop_Debian%5f8.0_Release.gpg: The repository is insufficiently signed by key F9EA4996747310AE79474F44977C43A8BA684223 (weak digest) {noformat} While searching the web for this message, I stumbled upon https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/, where I found a link to wiki.debian.org/Teams/Apt/Sha1Removal. In this wiki page, it says {quote} Fixing broken repositories Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256. {quote} . I would like to ask if it would be possible to fix this bug as fast as possible to be able to use MariaDB's own repository to upgrade to newer versions. Thanks in advance Thomas. |
Hello @ll,
I hope, I have chosen the right project, component, severity, and the like ... If not, feel free to change :) I tried to upgrade my system today as usual with "apt-get update && apt-get upgrade", and got the error message {noformat} W: gpgv:/var/lib/apt/lists/ftp.hosteurope.de_mirror_mariadb.org_repo_10.1_debian_dists_jessie_InRelease: The repository is insufficiently signed by key 199369E5404BD5FC7D2FE43BCBCB082A1BB943DB (weak digest) {noformat} While searching the web for this message, I stumbled upon https://juliank.wordpress.com/2016/03/15/clarifications-and-updates-on-apt-sha1/, where I found a link to wiki.debian.org/Teams/Apt/Sha1Removal. In this wiki page, it says {quote} Fixing broken repositories Repository owners should make sure their release files and Packages files contain SHA256 or SHA512 fields. If they have Sources files, those should contain Checksums-Sha256. {quote} . I would like to ask if it would be possible to fix this bug as fast as possible to be able to use MariaDB's own repository to upgrade to newer versions. Thanks in advance Thomas. |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Due Date | 2016-04-23 | 2016-05-14 |
| Fix Version/s | 10.1.14 [ 21804 ] | |
| Fix Version/s | 10.0.25 [ 21701 ] | |
| Fix Version/s | 10.2.0 [ 20700 ] | |
| Resolution | Fixed [ 1 ] | |
| Status | In Progress [ 3 ] | Closed [ 6 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Closed [ 6 ] | Stalled [ 10000 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Stalled [ 10000 ] | Closed [ 6 ] |
| Link |
This issue relates to |
| Workflow | MariaDB v3 [ 74644 ] | MariaDB v4 [ 150253 ] |