Debian Security Advisory DSA 968-1 (noweb)

Summary
The remote host is missing an update to noweb announced via advisory DSA 968-1. Javier Fernández-Sanguino Peña from the Debian Security Audit project discovered that a script in noweb, a web like literate-programming tool, creates a temporary file in an insecure fashion. For the old stable distribution (woody) this problem has been fixed in version 2.9a-7.4.
Solution
For the stable distribution (sarge) this problem has been fixed in version 2.10c-3.2. For the unstable distribution (sid) this problem has been fixed in version 2.10c-3.2. We recommend that you upgrade your nowebm package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20968-1