Update gnupg to 2.2.11

• gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
• gpgsm: Fix an error message about the digest algo. [#4219]
• gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9. [#4014]
• gpg: Print the "data source" even for an unsuccessful keyserver query.
• gpg: Do not store the TOFU trust model in the trustdb. This allows to enable or disable a TOFO model without triggering a trustdb rebuild. [#4134]
• scd: Fix cases of "Bad PIN" after using "forcesig". [#4177]
• agent: Fix possible hang in the ssh handler. [#4221]
• dirmngr: Tack the unmodified mail address to a WKD request. See commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details.
• dirmngr: Tweak diagnostic about missing LDAP server file.
• dirmngr: In verbose mode print the OCSP responder id.
• dirmngr: Fix parsing of the LDAP port. [#4230]
• wks: Add option --directory/-C to the server. Always build the server on Unix systems.
• wks: Add option --with-colons to the client. Support sites which use the policy file instead of the submission-address file.
• Fix EBADF when gpg et al. are called by broken CGI scripts.
• Fix some minor memory leaks and bugs.
  
  Release-info: https://dev.gnupg.org/T4233