Sterling Secure Proxy Instructions for Installing the New Apache Commons Collections jar file from IBM Fix Central for the Security Advisory. APAR IT12342 2015/12/29 This process will allow the Customer to pull a new Commons Collections jar from the IBM Fix Central site and replace the existing jar(s) in the installed instances of Sterling Secure Proxy Configuration Manager (SSPCM). Note that Commons Collections is not used by the Sterling Secure Proxy Perimeter Server (PS). This jar file will be folded into the next cumulative maintenance iFixes for each supported version, if you prefer to wait for that. 2015/11/19 - First pass with commons-collections-3.2.2.jar only 2015/12/10 - Updated with commons-collections-3.2.2.jar signed for SSPcm 2015/12/29 - Updated to include commons-beanutils.jar for some older installations which complain about jarfile signing. If you already have the new commons-collections-3.2.2.jar file in place, you may ignore this update. STEP 1 IS DONE ONCE AND CAN BE DONE WHILE THE PRODUCT IS RUNNING. 1. Download the SSP-IT12342-Apache-Commons-Collections-Fix.zip file from Fix Central and extract the commons-collections-3.2.2.jar and commons-beanutils.jar files to a work directory on the target system. When moving / copying the files, be sure to move them in binary mode (not ascii or text mode). STEPS 2 AND FOLLOWING ARE DONE FOR EACH INSTANCE OF THE STERLING SECURE PROXY CONFIGURATION MANAGER OR STERLING EXTERNAL AUTHENTICATION SERVER. 2. Make a backup of the target SSPCM installed instance before you begin. 3. Take the target Sterling Proxy CM instance down 4. Make local backups of the jar files being replaced and delete the old commons-collections.jar files. UNIX: cd mv apps/jetty/webservices/webapps/SspJsf/WEB-INF/lib/commons-collections.jar ./commons-collections.jar.orig rm apps/jetty/webservices/webapps/SSPDashboard/WEB-INF/lib/commons-collections.jar mv lib/thirdparty/commons-beanutils.jar ./commons-beanutils.jar.orig mv lib/thirdparty/commons-beanutils-core.jar ./commons-beanutils-core.jar.orig Windows: cd move apps\jetty\webservices\webapps\SspJsf\WEB-INF\lib\commons-collections.jar .\commons-collections.jar.orig delete apps\jetty\webservices\webapps\SSPDashboard\WEB-INF\lib\commons-collections.jar move lib\thirdparty\commons-beanutils.jar .\commons-beanutils.jar.orig move lib\thirdparty\commons-beanutils-core.jar .\commons-beanutils-core.jar.orig 5. For SSPCM, copy the new jar files from the work directory to the production locations. UNIX: cp /commons-collections-3.2.2.jar apps/jetty/webservices/webapps/SspJsf/WEB-INF/lib cp /commons-collections-3.2.2.jar apps/jetty/webservices/webapps/SSPDashboard/WEB-INF/lib cp /commons-beanutils.jar apps/jetty/webservices/webapps/SspJsf/WEB-INF/lib cp /commons-beanutils.jar apps/jetty/webservices/webapps/SSPDashboard/WEB-INF/lib cp /commons-beanutils.jar lib/thirdparty cp /commons-beanutils-core.jar lib/thirdparty Windows: copy \commons-collections-3.2.2.jar apps\jetty\webservices\webapps\SspJsf\WEB-INF\lib copy \commons-collections-3.2.2.jar apps\jetty\webservices\webapps\SSPDashboard\WEB-INF\lib copy \commons-beanutils.jar apps\jetty\webservices\webapps\SspJsf\WEB-INF\lib copy \commons-beanutils.jar apps\jetty\webservices\webapps\SSPDashboard\WEB-INF\lib copy \commons-beanutils.jar lib/thirdparty copy \commons-beanutils-core.jar lib/thirdparty 6. Start the Sterling Secure Proxy CM.