Hi,
openjdk-7 is back in dla-needed.txt with the commit message "Sounds
serious enough".
However it was re-added the day after DLA-1782-1 and there's no new CVE
since.
Was it an oversight, or was it meant to reconsider
https://security-tracker.debian.org/tracker/CVE-2019-2697 which wasn't
addressed by that DLA?
Cheers!
Sylvain