upstream suhosin has now a patch for 5.3.4: http://www.hardened-php.net/suhosin/download.html Beside that, I'd suggest we find a better way for php releases without a suhosin-patch available. I was a bit surprised that it got silently disabled with a 5.3.4 update without even a warning. Not what you'd expect if you explicitely enable a security feature with a use flag.
we could let suhosin block unsupported php versions. afaik, that should prevent av upgrade of php. i'll try to prepare a revbump with suhosin next week.
Fixed in php-5.3.4-r1