fix: bump ruby-saml to 1.18

bufferoverflow · bufferoverflow · commit 2c8a48280180 · 2025-03-12T19:58:18.000+01:00
* Signature Wrapping Vulnerabilities (CVE-2025-25291, CVE-2025-25292) * potential DDOS Moderated Vulneratiblity (CVE-2025-25293) Signed-off-by: Roger Meier <r.meier@siemens.com>
diff --git a/omniauth-saml.gemspec b/omniauth-saml.gemspec
@@ -14,7 +14,7 @@ Gem::Specification.new do |gem|
   gem.required_ruby_version = '>= 2.1'
 
   gem.add_runtime_dependency 'omniauth', '~> 1.3', '>= 1.3.2'
-  gem.add_runtime_dependency 'ruby-saml', '~> 1.17'
+  gem.add_runtime_dependency 'ruby-saml', '~> 1.18'
 
   gem.add_development_dependency 'rake', '>= 12.3.3'
   gem.add_development_dependency 'rspec', '~>3.4'
