1 files changed, 13 insertions, 35 deletions
diff --git a/src/3rdparty/libpng/ANNOUNCE b/src/3rdparty/libpng/ANNOUNCE
index ae0b6ccc13b..e9a94e05de3 100644
--- a/src/3rdparty/libpng/ANNOUNCE
+++ b/src/3rdparty/libpng/ANNOUNCE
@@ -1,5 +1,5 @@
-libpng 1.6.51 - November 21, 2025
-=================================
+libpng 1.6.53 - December 5, 2025
+================================
 
 This is a public release of libpng, intended for use in production code.
 
@@ -7,15 +7,12 @@ This is a public release of libpng, intended for use in production code.
 Files available for download
 ----------------------------
 
-Source files with LF line endings (for Unix/Linux):
+Source files:
 
- * libpng-1.6.51.tar.xz (LZMA-compressed, recommended)
- * libpng-1.6.51.tar.gz (deflate-compressed)
-
-Source files with CRLF line endings (for Windows):
-
- * lpng1651.7z (LZMA-compressed, recommended)
- * lpng1651.zip (deflate-compressed)
+ * libpng-1.6.53.tar.xz (LZMA-compressed, recommended)
+ * libpng-1.6.53.tar.gz (deflate-compressed)
+ * lpng1653.7z (LZMA-compressed)
+ * lpng1653.zip (deflate-compressed)
 
 Other information:
 
@@ -25,33 +22,14 @@ Other information:
  * TRADEMARK.md
 
 
-Changes from version 1.6.50 to version 1.6.51
+Changes from version 1.6.52 to version 1.6.53
 ---------------------------------------------
 
- * Fixed CVE-2025-64505 (moderate severity):
-   Heap buffer overflow in `png_do_quantize` via malformed palette index.
-   (Reported by Samsung; analyzed by Fabio Gritti.)
- * Fixed CVE-2025-64506 (moderate severity):
-   Heap buffer over-read in `png_write_image_8bit` with 8-bit input and
-   `convert_to_8bit` enabled.
-   (Reported by Samsung and <weijinjinnihao@users.noreply.github.com>;
-   analyzed by Fabio Gritti.)
- * Fixed CVE-2025-64720 (high severity):
-   Buffer overflow in `png_image_read_composite` via incorrect palette
-   premultiplication.
-   (Reported by Samsung; analyzed by John Bowler.)
- * Fixed CVE-2025-65018 (high severity):
-   Heap buffer overflow in `png_combine_row` triggered via
-   `png_image_finish_read`.
-   (Reported by <yosiimich@users.noreply.github.com>.)
- * Fixed a memory leak in `png_set_quantize`.
-   (Reported by Samsung; analyzed by Fabio Gritti.)
- * Removed the experimental and incomplete ERROR_NUMBERS code.
-   (Contributed by Tobias Stoeckmann.)
- * Improved the RISC-V vector extension support; required RVV 1.0 or newer.
-   (Contributed by Filip Wasil.)
- * Added GitHub Actions workflows for automated testing.
- * Performed various refactorings and cleanups.
+ * Fixed a build failure on RISC-V RVV caused by a misspelled intrinsic.
+   (Contributed by Alexander Smorkalov.)
+ * Fixed a build failure with CMake 4.1 or newer, on Windows, when using
+   Visual C++ without MASM installed.
+   (Reported by Andrew Tribick; fixed by Luis Caro Campos.)
 
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net.