[CP-beta]Roll libpng to version 1.6.53 #181543
@reidbaker please fill out the PR description above, afterwards the release team will review this request.
This pull request was opened from and to a release candidate branch. This should only be done as part of the official Flutter release process. If you are attempting to make a regular contribution to the Flutter project, please close this PR and follow the instructions at Tree Hygiene for detailed instructions on contributing to Flutter.

Reviewers: Use caution before merging pull requests to release branches. Ensure the proper procedure has been followed.
Code Review
This pull request removes an unused code block in image_decoder_unittests.cc. The removed code was part of a test case that has been superseded or is no longer relevant. The change simplifies the test file by removing redundant code.
I am having trouble creating individual review comments. Click here to see my feedback.
engine/src/flutter/lib/ui/painting/image_decoder_unittests.cc (953-972)
The code block defining decode, expected_data, assert_image, and calling assert_image is being removed. This block appears to be redundant or no longer necessary for the test's functionality. Verify that removing this block does not negatively impact the test coverage or introduce regressions.
Filed #181545 while filling the details out on this cherry pick.
15d1376 into flutter:flutter-3.41-candidate.0
This pull request is created by [automatic cherry pick workflow](https://github.com/flutter/flutter/blob/main/docs/releases/Flutter-Cherrypick-Process.md#automatically-creates-a-cherry-pick-request)
Please fill in the form below, and a flutter domain expert will evaluate this cherry pick request.

What is the link to the issue this cherry-pick is addressing?
flutter#180191

What is the impact (ex. visual jank on Samsung phones, app crash, cannot ship an iOS app)? Does it impact development (ex. flutter doctor crashes when Android Studio is installed), or the shipping of production apps (the app crashes on launch). This information is for domain experts and release engineers to understand the consequences of saying yes or no to the cherry pick.
Updates a library that had multiple CVE's to a version that has those issues patched.
https://ubuntu.com/security/CVE-2025-64505
https://ubuntu.com/security/CVE-2025-64506
https://ubuntu.com/security/CVE-2025-64720
https://ubuntu.com/security/CVE-2025-65018
FWIW I have not seen a working exploit against a flutter app.

Explain this cherry pick:
* In one line that is accessible to most Flutter developers.
* That describes the state prior to the fix.
* That includes which platforms are impacted.
See [best practices](https://github.com/flutter/flutter/blob/main/docs/releases/Hotfix-Documentation-Best-Practices.md) for examples.
< Replace with changelog description here >
[flutter/180191] Update libpng to 1.6.53 to mitigate multiple CVE's published November/December 2025.

Is there a workaround for this issue?
No work around.

What is the risk level of this cherry-pick?

Are you confident that your fix is well-tested by automated tests?
- [ x ] Yes

What are the steps to validate that this fix works?
Run the standard test suite on CI including golden image tests.