No need to remove if we can update it and definitely not suggesting that we remove all those dependencies (original email did also not suggest that). Please contact me in case you need help with those CVEs when you have spare time (off BTS preferred). All I want is to close those vulnerabilities.
--- Henri Salo
Description: Digital signature
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.