/chrome/community?hl=en
/chrome/community?hl=en
4/24/16
Original Poster
Michael D. (DE)

Ubuntu 16.04-APT displays warning because Google Repository is still using SHA-1

APT for Debian / Ubuntu is now displaying a warning if a PPA / Repository is still using the deprecated SHA-1. It seems that the the google repository is still using SHA-1

#sudo apt-get update
...
W: http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg: Signature by key 4CCA1EAF950CEE4AB83976DCA040830F7FAC5991 uses weak digest algorithm (SHA1)

@Google-Security Team
When you are treating SHA-1 certificates as unsecure in your browser, you may want to change your own SHA-1 signature key for your linux deb packets.
Community content may not be verified or up-to-date. Learn more.
Recommended Answer
Was this answer helpful?
How can we improve it?
All Replies (40)
JVApen
4/24/16
JVApen
Hi Michael,

The issue is already known and can you can follow its progress by starring the related bug:  crbug.com/596074
You are the first Ubuntu user which indicates this issue, so I guess 16.04 also contains the version with the warning. (Previously only Debian users)

JVApen
Jürgen Schnake
4/27/16
Jürgen Schnake
Just to not let Michael be the only one to report it: Yes, indeed Ubuntu 16.04 reports this regularly. Would be nice if you guys could fix it :-) Thanks in advance!
Achim Behrens
4/28/16
Achim Behrens
i already filed a bug about that in march while testing 16.04. Google told me to change the keys with the next release of chrome for the chrome (and google music manager) repo. which they didnt. 

Ahmad Darwiche
4/28/16
Ahmad Darwiche
Hi,

I'd like to join Michael & Jurgen, I've the same warning too, I tried to remove Chrome & install it again, but same problem.

Thanks
Rakshith Ravi
4/28/16
Rakshith Ravi
I can confirm the warning in my 16.04 system too
34 MORE
JVApen
6/17/16
JVApen
Hi all,

it looks like crbug.com/596074 is fixed and the encryption has been upgraded.

However some local caching is giving new warnings: Failed to fetch http://dl.google.com/linux/earth/deb/dists/stable/main/binary-amd64/Packages  Hash Sum mismatch

These can be fixed by running following commands (you can replace aptitude by apt-get if you like) on Debian, Ubuntu and derivatives. I don't have instructions for RedHat-based distros.
  • sudo rm -rf /var/lib/apt/lists/*
  • sudo aptitude clean
  • sudo aptitude update
  • sudo aptitude upgrade
(Tnx to PeterJB for sharing)

JVApen
 
This question is locked and replying has been disabled. Still have questions? Ask the Help Community.

Badges

Some community members might have badges that indicate their identity or level of participation in a community.

 
Google Employee — Google product team members and community managers
 
Community Specialist — Google partners who help ensure the quality of community content
 
Platinum Product Expert — Community members with advanced product knowledge who help other Google users and Product Experts
 
Gold Product Expert — Community members with in-depth product knowledge who help other Google users by answering questions
 
Silver Product Expert — Community members with intermediate product knowledge who help other Google users by answering questions
 
Product Expert Alumni — Former Product Experts who are no longer members of the program
Community content may not be verified or up-to-date. Learn more.

Levels

Member levels indicate a user's level of participation in a forum. The greater the participation, the higher the level. Everyone starts at level 1 and can rise to level 10. These activities can increase your level in a forum:

  • Post an answer.
  • Having your answer selected as the best answer.
  • Having your post rated as helpful.
  • Vote up a post.
  • Correctly mark a topic or post as abuse.

Having a post marked and removed as abuse will slow a user's advance in levels.

View profile in forum?

To view this member's profile, you need to leave the current Help page.

Report abuse in forum?

This comment originated in the Google Product Forum. To report abuse, you need to leave the current Help page.

Reply in forum?

This comment originated in the Google Product Forum. To reply, you need to leave the current Help page.

false
Search
Clear search
Close search
Google apps
Main menu
Search Help Center
true
237
false