[ Thanks to BHZ
for these links. ]
New version of GnuPG has just been released. GnuPG 1.0.4
fixes a security vulnerability which causes gnupg to report files
which have been signed with multiple keys to be valid even if just
one of the signatures is in fact valid; new utility gpgv to
validate signatures. Related news regarding the security
issue: