Guillem Jover discovered that the changelog retrieval functionality in
apt-get used temporary files in an insecure way, allowing a local user
to cause arbitrary files to be overwritten.
This vulnerability is neutralized by the fs.protected_symlinks setting in
the Linux kernel, which is enabled by default in Debian 7 Wheezy and up.
For the stable distribution (wheezy), this problem has been fixed in
version 0.9.7.9+deb7u6.
For the unstable distribution (sid), this problem has been fixed in
version 1.0.9.2.
We recommend that you upgrade your apt packages.