diff --git a/CHANGES b/CHANGES
index 277ad203..bbf49278 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 ?? ??? 2007 - 2.5.0-dev3
 ------------------------
 
+ * Fixed deprecatevar:var=N/S action so that it decrements N every S seconds
+   as documented instead of decrementing by a rate.
+
  * Enable ModSecurity to look at partial response bodies. In previous
    versions ModSecurity would respond with status code 500 when the
    response body was too long. Now, if SecResponseBodyLimitAction is
diff --git a/apache2/re_actions.c b/apache2/re_actions.c
index e182d48e..1c5f65ce 100644
--- a/apache2/re_actions.c
+++ b/apache2/re_actions.c
@@ -1147,7 +1147,7 @@ static apr_status_t msre_action_deprecatevar_execute(modsec_rec *msr, apr_pool_t
      * time elapsed since the last update.
      */
     new_value = current_value -
-        ((current_time - last_update_time) * atoi(var_value) / atoi(s));
+        (atoi(var_value) * ((current_time - last_update_time) / atoi(s)));
     if (new_value < 0) new_value = 0;
 
     /* Only change the value if it differs. */