Comment 2 for bug 1590936

Your question
https://answers.launchpad.net/ubuntu/+source/reprepro/+question/292432
did get an answer eventually:

"I fixed this problem by adding the following to ~/.gnupg/gpg.conf (courtesy of https://www.osso.nl/blog/apt-insufficiently-signed-weak-digest/):

personal-digest-preferences SHA512 SHA384 SHA256 SHA224
"

There's a slightly different answer in
http://askubuntu.com/questions/819641/reprepro-signature-by-key-uses-weak-digest-algorithm-sha1

Perhaps this is a doc bug, and the manpage needs updating?