A new version of the Python module which wraps GnuPG has been released.
This is a security-fix release, and all users are strongly encouraged to upgrade.
This fix mitigates against CVE-2018-12020. See the discoverer's blog post  for
* Added --no-verbose to the gpg command line, in case verbose is specified in
gpg.conf - we don't need verbose output.
This release  has been signed with my code signing key:
Vinay Sajip (CODE SIGNING KEY) <vinay_sajip at yahoo.co.uk
Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86
Recent changes to PyPI don't show the GPG signature with the download links.
An alternative download source where the signatures are available is the project's
own downloads page .
As always, your feedback is most welcome (especially bug reports ,
patches and suggestions for improvement, or any other points via the
mailing list/discussion group ).
Red Dove Consultants Ltd.