=== modified file 'Mailman/GPGUtils.py'
--- Mailman/GPGUtils.py	2008-12-31 10:43:13 +0000
+++ Mailman/GPGUtils.py	2014-05-07 22:41:27 +0000
@@ -316,20 +316,21 @@
         try:
             p.wait()
         except IOError:
             syslog('gpg',"Error encrypting message: %s",result)
             return None
         return ciphertext
 
 
     def verifyMessage(self,msg,signature):
         gpg = self.getGPGObject()
+        sigfilename = None
 
         if signature:
            # signature is not None but a non-empty string: we are dealing with
            # a detached signature
 
            # our gpg call will look something like
            #  gpg --verify sigfile - < msg
            # we'll need a tmpfile for signature
 
            # mkstemp is available in python >= 2.3
@@ -364,21 +365,21 @@
         t_status.join()
         result = t_err.data
         status = t_status.data
         try:
             p.wait()
         except IOError:
             syslog('gpg',"Error verifying message: %s",result)
             return []
 
         # clean up tmpfile
-        if sigfilename:
+        if sigfilename != None:
             os.remove(sigfilename)  # FIXME check errors
 
         key_ids = []
         for line in status.splitlines():
             # we are using short keyid to pinpoint keys: last 8 hexbytes of long key id
             g = re.search('^\[GNUPG:\] GOODSIG [0-9A-F]{8}([0-9A-F]{8}) ',line)
             if g!=None:
                 key_ids.append('0x%s' % g.groups()[0].lower())
 
         if not key_ids: