Log Message:
gnupg2: updated to 2.2.17

Noteworthy changes in version 2.2.17:
* gpg: Ignore all key-signatures received from keyservers.  This
  change is required to mitigate a DoS due to keys flooded with
  faked key-signatures.  The old behaviour can be achieved by adding
    keyserver-options no-self-sigs-only,no-import-clean
  to your gpg.conf.
* gpg: If an imported keyblocks is too large to be stored in the
  keybox (pubring.kbx) do not error out but fallback to an import
  using the options "self-sigs-only,import-clean".
* gpg: New command --locate-external-key which can be used to
  refresh keys from the Web Key Directory or via other methods
  configured with --auto-key-locate.
* gpg: New import option "self-sigs-only".
* gpg: In --auto-key-retrieve prefer WKD over keyservers.
* dirmngr: Support the "openpgpkey" subdomain feature from
  draft-koch-openpgp-webkey-service-07.
* dirmngr: Add an exception for the "openpgpkey" subdomain to the
  CSRF protection.
* dirmngr: Fix endless loop due to http errors 503 and 504.
* dirmngr: Fix TLS bug during redirection of HKP requests.
* gpgconf: Fix a race condition when killing components.