I know it's security-masked at the moment, anyway we should bump. http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
Not sure whether ~ is appropriate here, but a package which has already been masked for security reasons is probably considered even less important than an ~arch only package.
Also: Name: CVE-2008-5053 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5053 Published: 2008-11-13 Severity: Description: PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
Added www-apps/joomla-1.5.8, removed www-apps/joomla-1.5.7. webapps done.
Thanks, closing then.