Hi, openjdk-7 is back in dla-needed.txt with the commit message "Sounds serious enough". However it was re-added the day after DLA-1782-1 and there's no new CVE since.
Was it an oversight, or was it meant to reconsider https://security-tracker.debian.org/tracker/CVE-2019-2697 which wasn't addressed by that DLA? Cheers! Sylvain