A new advisory from Secunia today points out an update that the Debian group has released for their PHP5 package to correct a few issues:
Debian has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
You can either grab the package with apt-get to get the latest or you can get it from one of the links in the advisory post for your architecture.