Upstream has released version 1.4.22 on July 19 to fix this:
https://www.gnupg.org/

"Although GnuPG 1.4 is of limited use today we did a maintenance release to address the recently published local side channel attack CVE-2017-7526."

Patched package uploaded for Mageia 5.

Updated packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated gnupg package fixes security vulnerability:

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot
Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and
Yuval Yarom discovered that GnuPG was susceptible to an attack via
side channels. A local attacker could use this attack to recover RSA
private keys (CVE-2017-7526).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
http://openwall.com/lists/oss-security/2017/07/06/8
https://www.gnupg.org/
https://www.ubuntu.com/usn/usn-3347-1/
========================

Updated packages in core/updates_testing:
========================
gnupg-1.4.19-1.3.mga5
gnupg-1.4.22-1.mga6

from SRPMS:
gnupg-1.4.19-1.3.mga5.src.rpm
gnupg-1.4.22-1.mga6.src.rpm

Whiteboard: MGA6TOO, MGA5TOO => MGA5TOO
Version: Cauldron => 6
Assignee: pkg-bugs => qa-bugs

Installed and tested without issues.

System: x86_64, Plasma, Intel CPU, nVidia GPU using proprietary driver.

$ rpm -q gnupg
gnupg-1.4.19-1.3.mga5
$ uname -a
Linux marte 4.4.79-desktop-1.mga5 #1 SMP Fri Jul 28 02:50:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

CC: (none) => mageia
Whiteboard: MGA5TOO => MGA5TOO MGA5-64-OK

Tested on Virtual box on MGA 6 32 bit and MGA 5 32 bit and I did not notice regressions.

Keywords: (none) => validated_update
Whiteboard: advisory MGA5TOO MGA5-64-OK MGA6-64-OK => advisory MGA5TOO MGA5-64-OK MGA6-64-OK MGA6-32-OK MGA5-32OK
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0235.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED