Recently debian updated the apt* tools to warn about repositories using SHA1. You should update your gpg settings to use a newer hash function (see e.g. https://askubuntu.com/questions/750133/how-can-i-fix-w-the-repository-is-insufficiently-signed-by-the-key, and https://wiki.debian.org/Teams/Apt/Sha1Removal) so that the zabbix installation will work with future debian stable systems.
Steps to reproduce
on a debian testing/unstable system, have an entry like the following in /etc/apt/sources.list:
run 'apt-get update'
apt-get should download the files from the repository without complaining
apt-get gives a warning: