Among other things, Spring Security 4.2 brings early support for Spring Framework 5. You can find the change logs for 4.2.0.M1, 4.2.0.RC1, 4.2.0.RELEASE which closes over 80 issues. The overwhelming majority of these features were contributed by the community. Below you can find the highlights of this release.
ConcurrentSessionFilter supports InvalidSessionStrategy
CompositeLogoutHandler
WebSecurityConfigurerAdapter. See Section 5.10, “Custom DSLs”
RoleHierarchy from Map (i.e. yml)
CookieCsrfTokenRepository
InvalidSessionStrategy on SessionManagementConfigurer