Add the StatusManagerServlet to the list of Servlets that can only be loaded by privileged applications. This is the fix for CVE-2016-0706