This update for gpg2 fixes the following security issue:
- CVE-2018-12020: GnuPG mishandled the original filename during decryption
and verification actions, which allowed remote attackers to spoof the
output that GnuPG sends on file descriptor 2 to other programs that use
the "--status-fd 2"