This page keeps track of repositories broken or half-broken by the SHA1 removal. Please note that we intend to shut of SHA1 completely on January 1, 2017.

Feel free to add other affected repos here.

Broken repositories

These issue warnings about insufficiently signed repositories (1.2.7) or weak signatures (1.2.8).

The cause of this is a missing SHA256 or SHA512 entry in the Release and/or Packages files.

Half-broken repositories

The issue errors like "No hash entry found ... which is strong enough for security purposes" and cause a failure.

The cause of these is a Release file signed using a non-SHA2 hash.