Sure. The timeline in the U.S. began on March 9. Equifax disseminated the US-CERT notification, as you mentioned, internally by email, requesting that applicable personnel responsible for an Apache Struts installation upgrade their software. Consistent with our patching policy, the Equifax security department required that patching occur within a 48-hour period of time.
On December 4th, 2017. See this statement in context.