Published: 2 October 2015
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
Launchpad, Ubuntu, Debian
Does not exist
(trusty was released [2.30.7-0ubuntu1.2])
this is actually fixed in 2.32.0, not 2.32.1