Request: New release to include SLO security fixes (#243, #245)

[sgarg-ghub]

Hi @bufferoverflow @fh1ch ,

The following PRs address the Open Relay vulnerability in SLO (#240 (#240)) and have been merged to master:

• Add option :slo_enabled to opt-out (diable) from SLO endpoints completely #243 - Add option :slo_enabled to opt-out from SLO endpoints completely (Add option :slo_enabled to opt-out (diable) from SLO endpoints completely #243) (merged Nov 7, 2025)
• Refine SLO RelayState validation #245 - Refine SLO RelayState validation (Refine SLO RelayState validation #245) (merged Nov 16, 2025)

However, the latest release v2.2.3 (https://github.com/omniauth/omniauth-saml/releases/tag/v2.2.3) (March 17, 2025) predates these PRs and does not include these security fixes.

Could you publish a new release from master so downstream consumers (including GitLab) can upgrade to a version with these security fixes?

cc/- @gerardo-navarro

Thank you!

[bufferoverflow]

I just released https://github.com/omniauth/omniauth-saml/releases/tag/v2.2.5