Skip to Content

CAS Server 3.5.2 Release

February 22, 2012

The CAS development team is pleased to announce the release of Jasig CAS 3.5.2.  This is a point release that should be drop-in compatible with the previous 3.5.x release (3.5.1).  Notable highlights of this release:


  • Security fix: default ClearPass configuration allows bypassing allowed proxy chains mechanism (CAS-1209)
  • Security fix: cross-site scripting vulnerability on CAS login form (CAS-1251)
  • OAuth protocol improvements (CAS-1208, CAS-1220CAS-1231)
  • Health monitoring improvements
  • Improved logging

Please see the product release notes for a comprehensive list of changes in this version.