C-Note-06-012: Debian Security Advisory DSA-978-1 (2/17/2006)
Debian noticed that gnupg, the GNU privacy guard - a free PGP replacement,
verifies external signatures
of files successfully even though they don't contain a signature at all.
They recommend that you upgrade your gnupg package.
CIAC would like to thank Debian for this information.
Please visit their web site to read the article:
http://www.debian.org/security/2006/dsa-978