Log Message:
Update to 2.0.24, security fix:

Noteworthy changes in version 2.0.24 (2014-06-24)
-------------------------------------------------

 * gpg: Avoid DoS due to garbled compressed data packets.

 * gpg: Screen keyserver responses to avoid importing unwanted keys
   from rogue servers.

 * gpg: The validity of user ids is now shown by default.  To revert
   this add "list-options no-show-uid-validity" to gpg.conf.

 * gpg: Print more specific reason codes with the INV_RECP status.

 * gpg: Allow loading of a cert only key to an OpenPGP card.

 * gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt 1.6.

Noteworthy changes in version 2.0.23 (2014-06-03)
-------------------------------------------------

 * gpg: Reject signatures made using the MD5 hash algorithm unless the
   new option --allow-weak-digest-algos or --pgp2 are given.

 * gpg: Do not create a trustdb file if --trust-model=always is used.

 * gpg: Only the major version number is by default included in the
   armored output.

 * gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
   communication with the gpg-agent.

 * gpg: The format of the fallback key listing ("gpg KEYFILE") is now more
   aligned to the regular key listing ("gpg -k").

 * gpg: The option--show-session-key prints its output now before the
   decryption of the bulk message starts.

 * gpg: New %U expando for the photo viewer.

 * gpgsm: Improved handling of re-issued CA certificates.

 * scdaemon: Various fixes for pinpad equipped card readers.

 * Minor bug fixes.