It is suspected that this package is vulnerable to a security vulnerability via embedded dev-php/PHPMailer. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected.
Please see the information contained in the tracker bug 603752.
(In reply to Harold Naparst from https://bugs.gentoo.org/show_bug.cgi?id=603752#c1)
> I am the maintainer of joomla. It is unknown whether joomla has bundled an
> affected version of PHPMailer. Please remove joomla from portage until
> further notice.
Joomla upstream has already confirmed the problem and is preparing new releases.
The version in Gentoo repository (=www-apps/joomla-3.4.8) ships PHPMailer in v5.2.9, see https://github.com/joomla/joomla-cms/blob/3.4.8/libraries/vendor/phpmailer/phpmailer/class.phpmailer.php#L34.
# Thomas Deutschmann <email@example.com> (17 May 2017)
# Multiple unpatched security vulnerabilities (see bug #603756, #610696, #612650 ...)
# Removal in 30 days.
Author: Michał Górny <firstname.lastname@example.org>
AuthorDate: Sat Jun 17 10:29:26 2017
Commit: Michał Górny <email@example.com>
CommitDate: Sat Jun 17 10:39:58 2017
www-apps/joomla: Remove last-rited pkg