[librsvg/librsvg-2.44: 7/7] Bump version to 2.44.16

[Federico Mena Quintero <federico src gnome org>]

commit d6139dc6e36714486c093a0ee8a83794d1787787
Author: Federico Mena Quintero <federico gnome org>
Date:   Wed Feb 26 19:08:56 2020 -0600

    Bump version to 2.44.16

 NEWS         | 15 +++++++++++++++
 configure.ac |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)
---
diff --git a/NEWS b/NEWS
index cfb289d2..008a9b5a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,18 @@
+Version 2.44.16
+- CVE-2019-20446 - Backport the following fixes from 2.46.x:
+
+- #515 - Librsvg now has limits on the number of loaded XML elements,
+  and the number of referenced elements within an SVG document.  This
+  is to mitigate malicious SVGs which try to consume all memory, and
+  those which try to consume an exponential amount of CPU time.
+
+- #308 - Fix stack exhaustion with circular references in <use> elements.
+
+- #323 - Fix a denial-of-service condition from exponential explosion
+  of rendered elements, through nested use of SVG "use" elements in
+  malicious SVGs.  This is similar to the XML "billion laughs attack"
+  but for SVG instancing.
+
 Version 2.44.15
 - Fix #11 - Respect the "direction" property for bidirectional text (Khaled Hosny)
 - Fix #462 - Fix usage of std::f64::EPSILON for Rust 1.28.
diff --git a/configure.ac b/configure.ac
index f60309b4..104fcc9f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,6 @@
 m4_define([rsvg_major_version],[2])
 m4_define([rsvg_minor_version],[44])
-m4_define([rsvg_micro_version],[15])
+m4_define([rsvg_micro_version],[16])
 m4_define([rsvg_extra_version],[])
 m4_define([rsvg_version],[rsvg_major_version.rsvg_minor_version.rsvg_micro_version()rsvg_extra_version])
 m4_define([rsvg_lt_version_info],m4_eval(rsvg_major_version + 
rsvg_minor_version):rsvg_micro_version:rsvg_minor_version)