diff --git a/gnupg-2.0.23.tar.bz2 b/gnupg-2.0.23.tar.bz2
deleted file mode 100644
index ac01421..0000000
--- a/gnupg-2.0.23.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cf196b8056eafb4236f000a3e12543e0022a1fec4d6edff1b91b48936c109841
-size 4297195
diff --git a/gnupg-2.0.23.tar.bz2.sig b/gnupg-2.0.23.tar.bz2.sig
deleted file mode 100644
index 45a9c3c..0000000
Binary files a/gnupg-2.0.23.tar.bz2.sig and /dev/null differ
diff --git a/gnupg-2.0.24.tar.bz2 b/gnupg-2.0.24.tar.bz2
new file mode 100644
index 0000000..f48264a
--- /dev/null
+++ b/gnupg-2.0.24.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d974a1d86c9470571411346368416d96200ef9510028763c1303cd66e3820232
+size 4301922
diff --git a/gnupg-2.0.24.tar.bz2.sig b/gnupg-2.0.24.tar.bz2.sig
new file mode 100644
index 0000000..f7f7db6
Binary files /dev/null and b/gnupg-2.0.24.tar.bz2.sig differ
diff --git a/gpg2.changes b/gpg2.changes
index 0cc913c..ec29925 100644
--- a/gpg2.changes
+++ b/gpg2.changes
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Tue Jun 24 22:25:12 UTC 2014 - andreas.stieger@gmx.de
+
+- update to 2.0.24
+  Contains a security fix to stop a possible DoS using garbled
+  compressed data packets which can be used to put gpg into an
+  infinite loop. [bnc#884130] [CVE-2014-4617]
+  * gpg: Avoid DoS due to garbled compressed data packets.
+- further:
+  * gpg: Screen keyserver responses to avoid importing unwanted
+    keys from rogue servers.
+  * gpg: The validity of user ids is now shown by default. To
+    revert this add "list-options no-show-uid-validity" to gpg.conf
+  * gpg: Print more specific reason codes with the INV_RECP status.
+  * gpg: Allow loading of a cert only key to an OpenPGP card.
+  * gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt
+    1.6.
+
 -------------------------------------------------------------------
 Tue Jun  3 21:55:34 UTC 2014 - andreas.stieger@gmx.de
 
diff --git a/gpg2.keyring b/gpg2.keyring
index 1efb704..86dc5ba 100644
--- a/gpg2.keyring
+++ b/gpg2.keyring
@@ -7,7 +7,7 @@
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
 <meta name="title" content="GnuPG - Signature Key"/>
 <meta name="generator" content="Org-mode"/>
-<meta name="generated" content="򳢛"/>
+<meta name="generated" content="򳢰"/>
 <meta name="author" content="Werner Koch"/>
 <meta name="description" content=""/>
 <meta name="keywords" content=""/>
diff --git a/gpg2.spec b/gpg2.spec
index 67afee4..72023e3 100644
--- a/gpg2.spec
+++ b/gpg2.spec
@@ -17,7 +17,7 @@
 
 
 Name:           gpg2
-Version:        2.0.23
+Version:        2.0.24
 Release:        0
 BuildRequires:  automake >= 1.10
 BuildRequires:  expect