gnupg: security bump to version 1.4.19

Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gnupg/gnupg.hash

@@ -1,2 +1,2 @@
-# Locally calculated after checking pgp signature
-sha256	b7b5fdda78849955e0cdbc5a085f3a08f8b7fba126c622085debb62def5d6388	gnupg-1.4.18.tar.bz2
+# From http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html
+sha1	5503f7faa0a0e84450838706a67621546241ca50	gnupg-1.4.19.tar.bz2

package/gnupg/gnupg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GNUPG_VERSION = 1.4.18
+GNUPG_VERSION = 1.4.19
 GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
 GNUPG_SITE = ftp://ftp.gnupg.org/gcrypt/gnupg
 GNUPG_LICENSE = GPLv3+