A few days ago, Stefan Esser discovered a buffer overflow in the “transparent cookie encryption stack” of the Suhosin extension. Here is the full advisory.

If you previously installed the php5-suhosin package, you should upgrade to its fixed new version (0.9.33) by running :

apt-get update
apt-get install --reinstall php5-suhosin