Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.

Version 1.5.9beta01 [February 3, 2012]
  Rebuilt configure scripts in the tar distributions.

Version 1.5.9beta02 [February 16, 2012]
  Removed two unused definitions from scripts/pnglibconf.h.prebuilt
  Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
  Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h

Version 1.5.9rc01 [February 17, 2012]
  Fixed CVE-2011-3026 buffer overrun bug.  Deal more correctly with the test
    on iCCP chunk length. Also removed spurious casts that may hide problems
    on 16-bit systems.

1 files changed, 0 insertions, 24 deletions

diff --git a/graphics/png/patches/patch-CVE-2011-3026 b/graphics/png/patches/patch-CVE-2011-3026
deleted file mode 100644
index 513e6fc2543..00000000000
--- a/graphics/png/patches/patch-CVE-2011-3026
+++ /dev/null
@@ -1,24 +0,0 @@
-$NetBSD: patch-CVE-2011-3026,v 1.1 2012/02/18 15:16:59 drochner Exp $
-
-from chromium rev.121492
-
---- pngrutil.c.orig	2012-02-01 05:00:34.000000000 +0000
-+++ pngrutil.c
-@@ -457,8 +457,15 @@ png_decompress_chunk(png_structp png_ptr
-       {
-          /* Success (maybe) - really uncompress the chunk. */
-          png_size_t new_size = 0;
--         png_charp text = (png_charp)png_malloc_warn(png_ptr,
--             prefix_size + expanded_size + 1);
-+	 png_charp text = NULL;
-+	 /* Need to check for both truncation (64-bit platforms) and integer
-+	  * overflow.
-+	  */
-+	 if (prefix_size + expanded_size > prefix_size &&
-+	     prefix_size + expanded_size < 0xffffffffU)
-+	 {
-+	    text = png_malloc_warn(png_ptr, prefix_size + expanded_size + 1);
-+	 }
- 
-          if (text != NULL)
-          {