libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.
Created libEMF tracking bugs for this issue:
Affects: fedora-all [bug 1835794]
libEMF is a C/C++ library which provides a drawing toolkit based on ECMA-234. The general purpose of this library is to create vector graphics files on POSIX systems which can be imported into OpenOffice.org or LibreOffice. Programs compiled with libEMF, output ECMA-234 graphics files locally which can be then imported into desktop applications. Therefore this use-after-free flaw can only be triggered via maliciously written applications compiled with libEMF.
Upstream commit: https://sourceforge.net/p/libemf/code/92/
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):