Fix to a security issue in the PGP fetching tool

- reported by RichieB2B
- The scraped URL for the PGP fetching tool was not sanitised before being echoed

VERSION.json

@@ -1 +1 @@
-{"major":2, "minor":3, "hotfix":153}
+{"major":2, "minor":3, "hotfix":155}

app/View/Users/ajax/fetchpgpkey.ctp

@@ -9,9 +9,9 @@
 			</tr>
 		<?php foreach ($keys as $k => $key): ?>
 			<tr style="border-bottom:1px solid black;" class="templateChoiceButton">
-				<td style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo h($key['key_id']); ?></td>
-				<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo h($key['date']); ?></td>
-				<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo $key['uri']; ?>')"><?php echo nl2br(h($key['address'])); ?></td>
+				<td style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['key_id']); ?></td>
+				<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['date']); ?></td>
+				<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo nl2br(h($key['address'])); ?></td>
 			</tr>
 		<?php endforeach; ?>
 		</table>