diff -Nru apt-1.0.1ubuntu2.4.1/cmdline/apt-get.cc apt-1.0.1ubuntu2.5/cmdline/apt-get.cc
--- apt-1.0.1ubuntu2.4.1/cmdline/apt-get.cc	2014-06-13 18:48:34.000000000 +0200
+++ apt-1.0.1ubuntu2.5/cmdline/apt-get.cc	2014-10-08 10:39:06.000000000 +0200
@@ -1564,7 +1564,7 @@
    {
       string changelogfile;
       if (downOnly == false)
-	 changelogfile.append(tmpname).append("changelog");
+	 changelogfile.append(tmpname).append("/changelog");
       else
 	 changelogfile.append(Ver.ParentPkg().Name()).append(".changelog");
       if (DownloadChangelog(Cache, Fetcher, Ver, changelogfile) && downOnly == false)
diff -Nru apt-1.0.1ubuntu2.4.1/debian/changelog apt-1.0.1ubuntu2.5/debian/changelog
--- apt-1.0.1ubuntu2.4.1/debian/changelog	2014-09-23 09:12:46.000000000 +0200
+++ apt-1.0.1ubuntu2.5/debian/changelog	2014-10-08 10:38:57.000000000 +0200
@@ -1,3 +1,11 @@
+apt (1.0.1ubuntu2.5) trusty-security; urgency=low
+
+  * SECURITY UPDATE:
+      - cmdline/apt-get.cc: fix insecure tempfile handling in
+        apt-get changelog (CVE-2014-7206). Thanks to Guillem Jover
+
+ -- Michael Vogt <michael.vogt@ubuntu.com>  Wed, 08 Oct 2014 10:38:50 +0200
+
 apt (1.0.1ubuntu2.4.1) trusty-security; urgency=low
 
   * SECURITY UPDATE: