February 22, 2012
The CAS development team is pleased to announce the release of Jasig CAS 3.5.2. This is a point release that should be drop-in compatible with the previous 3.5.x release (3.5.1). Notable highlights of this release:
- Security fix: default ClearPass configuration allows bypassing allowed proxy chains mechanism (CAS-1209)
- Security fix: cross-site scripting vulnerability on CAS login form (CAS-1251)
- OAuth protocol improvements (CAS-1208, CAS-1220, CAS-1231)
- Health monitoring improvements
- Improved logging
Please see the product release notes for a comprehensive list of changes in this version.
