As a followup, the argument that the preferred hashes "weren't added" to GNUGPG until after 2009 is meaningless. Read RFC 4880:
https://tools.ietf.org/html/rfc4880#section-9That is the RFC from November 2007. Now look at section 9.4, the preferred hashes. Hash algorithms 1 through 11 are in there. They are not experimental, they are standard hashes.
GNUPGP was just one of a number of OpenPGP implementations. PGP itself dates back to 1991. OpenPGP to 1997. Looking at the preferred hash list is meaningless.
Cheers, not about to jump to any conclusions on it but FUD free facts are much appreciated.