Uploaded image for project: 'Nuxeo ECM Build/Test Environment'
  1. Nuxeo ECM Build/Test Environment
  2. NXBT-1350

Warning during .deb installation

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Debian Packages
    • Epic Link:
    • Tags:
    • Upgrade notes:
      Hide

      The APT Nuxeo key has been updated, issue the command:
      wget q -O http://apt.nuxeo.org/nuxeo.key | sudo apt-key add -

      Show
      The APT Nuxeo key has been updated, issue the command: wget q -O http://apt.nuxeo.org/nuxeo.key | sudo apt-key add -
    • Sprint:
      DevOps-13, DevOps-14, DevOps-15
    • Story Points:
      8

      Description

      Installing / Updating from the Nuxeo repository requires to add the public key of the repo. See https://doc.nuxeo.com/display/ADMINDOC710/Installing+the+Nuxeo+Platform+on+Linux

      Unfortunately the packages seem to be signed with a weak digest:

      apt-get update
Holen:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [94,5 kB]
[...]
Paketlisten werden gelesen... Fertig
W: gpgv:/var/lib/apt/lists/apt.nuxeo.org_dists_xenial_Release.gpg: The repository is insufficiently signed by key 0F3BCCFE175E96EE42FB77DD5E2FAE6BDD1BF5E4 (weak digest)

      Origin: https://answers.nuxeo.com/general/q/3fcdb74ebf8e4de0b32f085760d2dc2c/Ubuntu-Debian-Repos-show-insufficiently-signed-weak-digest

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: