Adding to 6.4.17 payload since it is necessary to fix CVE-2017-5645, which is already on payload.
Also granting all acks since Important CVEs go on payload automatically.
Apache Log4j 1.2.16.redhat-3 MEAD build: https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=571008 RPM6 wrapper: https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=571012 RPM5 wrapper: https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=571013 RPM7 wrapper: https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=571014 PR: https://github.com/jbossas/jboss-eap/pull/3033
CVE-2017-5645 is already public, no need for security group here.
Verified with EAP 6.4.17.CP.CR4
Released on 2017-09-05 as part of the EAP 6.4.17 release.