Summary
The remote host is missing an update to nextaw, xaw3d, xaw95 announced via advisory DSA 037-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20037-1
Insight
It has been reported that the AsciiSrc and MultiSrc widget in the Athena widget library handle temporary files insecurely. Joey Hess has ported the bugfix from XFree86 to these Xaw replacements libraries.
We recommend you upgrade your nextaw, xaw3d and xaw95 packages.