As I wrote two months ago, this seems to be wontfix for xenial, at least for know. We can eventually re-evaluate that at some point, once we can grant acceptions in 1.3 or 1.4 ,but it does not seem likely; as the changes are likely very invasive.
** Changed in: apt (Ubuntu Xenial) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1562733 Title: apt signature requierements prevent updates from some repositories Status in apt package in Ubuntu: In Progress Status in apt source package in Xenial: Won't Fix Bug description: Since xenial updated the requirements for the strength of PGP signatures of packages, packages from some repositories are no longer updated. Apt-get update reports these errors: E: Failed to fetch http://[...]/Release No Hash entry in Release file /var/lib/apt/lists/partial/[...] which is considered strong enough for security purposes E: Some index files failed to download. They have been ignored, or old ones used instead. While the motivation for the change is valid, the result is a potential security problem, as the new versions of the packages that may fix recently discovered vulnerabilities are not automatically installed. One less important but unfortunate effect is a scary message that is displayed to the user, without clear explanation that the problem needs to be addressed by the repository owner. Related: Bug #1558331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1562733/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp