netatalk -- arbitrary command execution in papd daemon

Secunia reports:

A vulnerability has been reported in Netatalk, which potentially
can be exploited by malicious users to compromise a vulnerable system.
The vulnerability is caused due to the papd daemon improperly
sanitising several received parameters before passing them in a call
to popen(). This can be exploited to execute arbitrary commands via
a specially crafted printing request.
Successful exploitation requires that a printer is configured to
pass arbitrary values as parameters to a piped command.