python-gitlab is a thin wrapper and you should generally mostly ensure your transitive dependencies are kept up-to-date.
However, if you find an issue that may be security relevant, please Report a security vulnerability on GitHub.
Alternatively, if you cannot report vulnerabilities on GitHub, you can email the currently active maintainers listed in AUTHORS.
We will typically apply fixes for the current major version. As the package is distributed on PyPI and GitLab's container registry, users are encouraged to always update to the latest version.