The right fix would be to update the base image. I see that gnupg 2.2.12 is in stretch-backports, so I think it would probably be enough to alter the apt-get install command to make it install gnupg from backports.
As a side note, we don’t use decrypt nor verify functions, so the issue doesn’t probably apply, but it’s surely safe to upgrade.