SimpleSAMLphp < 2.3.10 vulnerable to CVE-2025-66475

The SimpleSAMLphp project released [v2.3.10](https://github.com/simplesamlphp/simplesamlphp/releases/tag/v2.3.10) and v2.4.4 with a [security patch in the included third party library](https://github.com/robrichards/xmlseclibs/security/advisories/GHSA-c4cc-x928-vjw9) `robrichards/xmlseclibs`. `moodle-auth_saml2` will need a `composer update` to pull in this security patch into `composer.lock`.