Re:So what's the answer (Score 1)

Yes, even the Linux version of pgp 5.x is vulnerable.

Actually, ALL versions except "classic" pgp (pgp2.6.x) are vulnerable. Yes, this INCLUDES GnuPG.

The problem is with the V4 key sigs, and new keys. The "depreciated" V3 sigs & RSA keys are safe.

Plese, follow the link & read the article. It's well worth it.
The link is HERE as well for your convienience.

-Tod.