#################################################################### # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely # careful not to commit atoms that are not valid, as it can cause large-scale # breakage, especially if it ends up in the daily snapshot. # ## Example: ## ## # Dev E. Loper (28 Jun 2012) ## # Masking these versions until we can get the ## # v4l stuff to work properly again ## =media-video/mplayer-0.90_pre5 ## =media-video/mplayer-0.90_pre5-r1 # # - Best last rites (removal) practices - # Include the following info: # a) reason for masking # b) bug # for the removal (and yes you should have one) # c) date of removal (either the date or "in x days") # ## Example: ## ## # Dev E. Loper (23 May 2015) ## # Masked for removal in 30 days. Doesn't work ## # with new libfoo. Upstream dead, gtk-1, smells ## # funny. (bug #987654) ## app-misc/some-package #--- END OF EXAMPLES --- # Pacho Ramos (13 Mar 2018) # Tests need network, nothing requires this old lib anymore and upstream is # dead for a long time (#335233). Removal in a month. net-libs/netembryo # Pacho Ramos (13 Mar 2018) # Fails to build (#371401, #642676). Removal in a month. net-misc/netkit-rwall # Pacho Ramos (13 Mar 2018) # Incomplete and unclear LICENSE, missing files in SRC_URI (#472602). # Removal in a month. sci-electronics/balsa # Pacho Ramos (13 Mar 2018) # Upstream dead for a long time, requires obsolete gstreamer and other old # libs (#629192), buggy (#490344). Removal in a month. media-tv/me-tv # Pacho Ramos (13 Mar 2018) # Doesn't build for a long time (#514432). Removal in a month. sci-biology/beast-mcmc # Pacho Ramos (13 Mar 2018) # Fails to build (#514632, #585606, #588710). Removal in a month. sys-power/phc-k8 # Pacho Ramos (13 Mar 2018) # Fails to build for a long time (#515734, 649840). Removal in a month. sys-fs/gfs2-utils # Pacho Ramos (13 Mar 2018) # Dead driver and with many incompatibilities with current kernels (#517250, # #523356, #551834, #646106). Removal in a month. Possible alternative # #device/driver: https://bugs.gentoo.org/517250#c5 net-wireless/broadcom-sta # Pacho Ramos (13 Mar 2018) # Not buildable for a long time (#531586), pending many version bumps. # Removal in a month. media-sound/mup # Pacho Ramos (13 Mar 2018) # Many other ident daemons in the tree over this completely dead and # unmaintained (since 2003) implementation (#535868). Removal in a month. net-misc/linux-identd # Pacho Ramos (13 Mar 2018) # Major version bump pending (#540322), current version in the tree is # completely broken in several ways (#471428, #598260, #621784, #638364). # Removal in a month. sys-cluster/gearmand dev-php/pecl-gearman # Pacho Ramos (13 Mar 2018) # Not buildable and ends up needing old guile-1.8 (#547186, #617802), major # version bump pending (#515888). Removal in a month. media-sound/denemo # Pacho Ramos (13 Mar 2018) # Hard to bump (#547418), build issues (#600308). Removal in a month. app-forensics/libewf app-forensics/rdd # Pacho Ramos (13 Mar 2018) # Many pending version bumps (#574874), doesn't run (#587112), doesn't use # python eclasses (#613892), needs obsolete libs (#640888). Removal in a # month. net-p2p/tribler # Tobias Klausmann (11 Mar 2018) # Breaks XFCE, 1.19.6 was fine (in that regard). Bug #650228 >=x11-base/xorg-server-1.19.7 # Andreas Sturmlechner (11 Mar 2018) # Dead upstream, no revdeps left. Bug #639358 app-i18n/libguess # José María Alonso (09 Mar 2018) # Obsolete package # Masked for removal in 30 days. Bug #646742 dev-lisp/common-lisp-controller dev-lisp/asdf-binary-locations # José María Alonso (08 Mar 2018) # Obsolete package # Masked for removal in 30 days. Bug #648448 dev-lisp/gentoo-init # Michael Palimaka (07 Mar 2018) # Depends on deprecated Qt 4. Dead upstream. # Masked for removal in 30 days. Bug #649116. media-video/qt-recordmydesktop # Michael Palimaka (07 Mar 2018) # Depends on deprecated Qt 4. Dead upstream. # Masked for removal in 30 days. Bug #644424. media-gfx/qosmic # Brian Evans (06 Mar 2018) # MariaDB MaxScale 1.x depends on the deprecated libmysqld # Newer versions bundle software that require git access # and modify system libraries for their own purposes making # it exteremely difficult to package. # Bug 649764 Removal in 30 days. dev-db/maxscale # Andreas Sturmlechner (06 Mar 2018) # Maintainer not responding, depends on deprecated Qt4. # Masked for removal in 30 days. Bug 598651, 635192, 644396 media-gfx/photivo # Andreas Sturmlechner (05 Mar 2018) # Dead upstream, depends on deprecated Qt4. # Masked for removal in 30 days. Bug 644404 net-fs/smbtatools # Mike Gilbert (04 Mar 2018) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. >=www-client/chromium-66 # Andreas Sturmlechner (04 Mar 2018) # Dead upstream, depends on deprecated Qt4. media-sound/cantata # is an actively developed alternative based on Qt5. # Masked for removal in 30 days. Bug 644412 media-sound/qmpdclient # Andreas Sturmlechner (04 Mar 2018) # Dead upstream, depends on deprecated Qt4. # Masked for removal in 30 days. Bug 645436 sci-chemistry/massxpert # Andreas Sturmlechner (04 Mar 2018) # Dead upstream, depends on deprecated Qt4. # Masked for removal in 30 days. Bug 514438, 644522 sci-chemistry/gsim # Andreas Sturmlechner (04 Mar 2018) # Depends on deprecated dev-python/pyqwt, blocks Qt4 removal. # Masked for removal in 30 days unless someone bumps to 5.2.2. # Bug 645218, 649094 sci-chemistry/PyMca # Andreas K. Hüttel (03 Mar 2018) # Fails to build without rpc support in glibc (bug 631044); # no maintainer, requires obsolete hardware. Removal in # 30 days. app-pda/p3nfs # Andreas K. Hüttel (03 Mar 2018) # Fails to build without rpc support in glibc (bug 377867); # fails to build with libtirpc; apparently functionality is # now included in libtirpc. No consumers. Removal in 30 days. net-libs/librpcsecgss # Andreas K. Hüttel (03 Mar 2018) # Marked obsolete on CTAN. EAPI=3 ebuild. No consumers. # Masked for removal in 30 days. Bug 644258 app-text/noweb # Jason Zaman (02 Mar 2018) # Became sys-apps/selinux-python in release 2.7 # Masked for removal in 30 days. dev-python/sepolgen # Tim Harder (01 Mar 2018) # Masked for testing. >=dev-python/aiohttp-3 # Ulrich Müller (01 Mar 2018) # Very old (Open)Motif version 2.2 installing libXm.so.3. # Released in 2004. Non-free. No revdeps in Gentoo repo. # Depends on x11-libs/libXp which is on its way out. # If you still need this for third-party binaries, try the # workaround outlined in https://bugs.gentoo.org/210021#c19. # Masked for removal in 90 days. Bug #649080. x11-libs/motif:2.2 # Andreas Sturmlechner (28 Feb 2018) # Dead upstream, depends on dead Qt4. # Masked for removal in 30 days. dev-tex/qtexengine # Andreas Sturmlechner (27 Feb 2018) # Depends on deprecated Qt4, no Qt5 work found. No maintainer. # Masked for removal in 30 days. Bug #644534 app-text/searchmonkey # Andreas Sturmlechner (27 Feb 2018) # Depends on deprecated Qt4. No maintainer, needs someone to bump to Qt5. # Masked for removal in 30 days. Bug #602042 media-gfx/pencil # Andreas Sturmlechner (27 Feb 2018) # Dead upstream, google-code-down, depends on deprecated Qt4. # Masked for removal in 30 days. Bug #626664 media-video/abby # Anthony G. Basile (25 Feb 2018) # Upstream has been dead since 2012. Migrate to uclibc-ng. # See https://wiki.gentoo.org/wiki/Project:Hardened_uClibc sys-libs/uclibc # Thomas Deutschmann (23 Feb 2018) # Unmaintained in Gentoo, known critical vulnerabilities like # auth bypass. Removal in 30 days. Bugs #559658, #592080. sys-cluster/ganglia-web # Mart Raudsepp (23 Feb 2018) # Old net-libs/webkit-gtk SLOTs have hundreds of known security issues. # Use the security safe net-libs webkit-gtk SLOT=4 instead via # libraries and applications ported to gtk3 and webkit2gtk API. # Masked for removal in 30 days. Bug #577068. # Please keep this package.mask entry until at least 25th May 2018 for # extra notification of the security vulnerabilities. net-libs/webkit-gtk:2 net-libs/webkit-gtk:3 # Mart Raudsepp (23 Feb 2018) # Older versions of GnuCash use security vulnerable old webkit-gtk slot. # Use gnucash-2.7.4 or newer instead, but pay attention to the news item: # https://www.gentoo.org/support/news-items/2018-01-14-gnucash.html (22 Feb 2018) # Very old project of mine, hasn't worked in years, no plans to # support, and mpv can provide resume playback by default. # Masked for removal in 30 days. Bug #648568 media-video/mplayer-resume # Steve Dibb (22 Feb 2018) # Dead upstream, never really used, libdvdread and libdvdnav provide # DVD access. # Masked for removal in 30 days. Bug #648566 media-libs/libdvdplay # Steve Dibb (22 Feb 2018) # Dead upstream, long since replaced by libaacs for functionality. # Masked for removal in 30 days. Bug #648560 media-video/aacskeys # Brian Evans (22 Feb 2018) # Multiple vulnerablities, EOL upstream. # Masked for removal in 30 days. Bug #604182 dev-php/ZendFramework # Michael Palimaka (22 Feb 2018) # Plugin for removed package media-sound/amarok. Dead upstream. # Depends on vulnerable gstreamer:0.10. # Masked for removal in 30 days. Bug #629184. media-sound/moodbar # Mart Raudsepp (22 Feb 2018) # This package was renamed to dev-libs/libgnome-games-support without # a pkgmove; everything in tree uses it now instead of libgames-support. # Masked for removal in 30 days. Bug #648468. dev-libs/libgames-support # Ulrich Müller (21 Feb 2018) # Homepage is dead. Apparently the last release was in 2012 # and it does not work with Emacs 25 and later. # Masked for removal in 30 days. Bug #590400. app-emacs/mcomplete # Ulrich Müller (21 Feb 2018) # Obsolete predecessor of js-mode, which is included # with Emacs since version 23. Homepage is dead. # Masked for removal in 30 days. Bug #648150. app-emacs/javascript # Ulrich Müller (21 Feb 2018) # Last release in 2006. Homepage is dead. Upstream says # that app-emacs/muse should be used as replacement. # Masked for removal in 30 days. Bug #619194. app-emacs/emacs-wiki app-emacs/emacs-wiki-blog # Brian Evans (13 Feb 2018) # Requires dead Qt4 (bug #645420). Removal in 30 days media-gfx/qiviewer # Kristian Fiskerstrand (11 Feb 2018) # Lastrite: app-crypt/monkeysign . Please use caff from # app-crypt/signing-party instead. Removal in 30 days. # Bug: #647352 app-crypt/monkeysign # Eray Aslan (08 Feb 2018) # Mask experimental software =mail-mta/postfix-3.4* # Thomas Deutschmann (07 Feb 2018) # Intel recommends to pull these versions because they could # cause higher than expected reboots and other unpredictable # system behavior. Bug #646646 =sys-firmware/intel-microcode-20171117_p20171215 =sys-firmware/intel-microcode-20171117_p20171215-r1 =sys-firmware/intel-microcode-20180108 =sys-firmware/intel-microcode-20180108-r1 # Patrice Clement (26 Jan 2018) # Has different symbols. Known to cause issues with i3bar/swaybar. media-fonts/fontawesome:0/5 # Eray Aslan (22 Jan 2018) # Vulnerable - see https://bugs.gentoo.org/630684 # Please migrate to cyrus-imapd-3.0 releases =net-mail/cyrus-imapd-2.5* # Patrice Clement (18 Jan 2018) # mpv >= 0.28.0 requires changes currently only available in ffmpeg-9999. >=media-video/mpv-0.28.0 # Richard Freeman (09 Jan 2018) # Bug 644048 - temp QA mask until it can get sorted out # Lars Wendler (26 Feb 2018) # See also tracker bug: https://bugs.gentoo.org/648864 ~sys-apps/attr-2.4.48 # Lars Wendler (10 Jan 2018) # Mask followup bugfixes for =sys-apps/attr-2.4.48 as well until proper # testing has been conducted. =sys-apps/acl-2.2.52-r2 # Alice Ferrazzi (05 Jan 2018) # kernel: Meltdown and Spectre - Processor flaw. (#643228) # Please upgrade for Intel processor flaw workaround # (currently KPTI patch are 64bit only), # also excluding AMD from the fix as not affected. # Please unmask your kernel version if you want to # continue to use your kernel with AMD. # Removal in a month. =sys-kernel/gentoo-sources-4.14.8-r1 =sys-kernel/gentoo-sources-4.14.9 =sys-kernel/gentoo-sources-4.14.10 =sys-kernel/gentoo-sources-4.14.10-r1 =sys-kernel/gentoo-sources-4.14.11 # Alice Ferrazzi (30 Dec 2017) # Masked for removal in 30 days. # Upstream is no more backporting security fixes for 4.12. # For a more stable kernel please downgrade to 4.9 # or move to 4.14(unstable) if it works for you. =sys-kernel/gentoo-sources-4.12.14 =sys-kernel/gentoo-sources-4.12.13 =sys-kernel/gentoo-sources-4.12.12 # Alice Ferrazzi (27 Dec 2017) # Masked for removal in 30 days. # This kernel doesn't boot on hardened profiles. # vanilla-sources also dosen't make prepare # (bug #642268) (bug #642664) =sys-kernel/gentoo-sources-4.14.9 =sys-kernel/gentoo-sources-4.14.10 =sys-kernel/vanilla-sources-4.14.10 # Matthias Maier (26 Dec 2017) # gcc depends on mpfr and this version changes soname. Spare users with # FEATURES=-preserve-libs from completely frying their system. >=dev-libs/mpfr-4.0.0 # Thomas Beierlein (23 Dec 2017) # To adapt to changed version naming by upstream # (pcb-yyyymmdd to pcb-x.y.z) we move the ebuild to # pcb-0_pyyyymmdd and mask >=pcb-20000000. # Do not remove the mask until newer version gets stable >=sci-electronics/pcb-20000000 # Alice Ferrazzi (22 Dec 2017) # Masked for removal in 30 days. # Linux kernel 4.13 can break various laptops. # (bug #642026) =sys-kernel/gentoo-sources-4.13.15 =sys-kernel/gentoo-sources-4.13.16 # Andreas Sturmlechner (21 Dec 2017) # Masked for testing =dev-libs/libical-3.0.1 # James Le Cuirot (17 Dec 2017) # Java 9 is not yet fully supported on Gentoo. Packages cannot depend # on it so these virtuals are not yet required. If you wish to use # Java 9 now then install oracle-(jdk|jre)-bin:9 directly. virtual/jdk:9 virtual/jre:9 # Patrice Clement (12 Dec 2017) # Masked due to a hard dependency on an ancient versions of dev-libs/msgpack # (<0.6) that have been punted from the tree. net-misc/cocaine-core # Andreas Sturmlechner (03 Dec 2017) # Depends on dead Qt4, upstream porting inquiry pending. Bug #631788 games-kids/crayon-physics # Jonas Stein (29 Nov 2017) # The old yafaray-0.1.1 depends on qt4 and has bugs we can not fix. # (bug #321169) and (bug #595684) # Users of yafaray may be interested in >=yafaray-3.3.0 (bug #639046) # and its fork TheBounty (#639158) which require completely new ebuilds. # # The old and for now the last version in the tree is # masked for removal on 2018-02-30 =media-gfx/yafaray-0.1.1 # Michał Górny (25 Nov 2017) # Testing branch GTK+3 release. Changes API, breaks xfce-base/xfdesktop. # Masked until the latter sees a new release. >=dev-python/thunarx-python-0.4.0 >=xfce-base/thunar-1.7 >=xfce-extra/thunar-archive-plugin-0.4.0 >=xfce-extra/thunar-media-tags-plugin-0.3.0 >=xfce-extra/thunar-shares-plugin-0.3.0 # Andreas Sturmlechner (16 Nov 2017) # Depends on dead Qt4WebKit. Masked for removal in 30 days. Bug #620702 (05 Nov 2017) # Breaks several reverse dependencies. # https://bugs.gentoo.org/635934 >=dev-util/scons-3.0.0 # James Le Cuirot (05 Nov 2017) # Java 7 is old and we are no longer able to support it. The ability # to build against Java 7 may return when we update the eclasses for # Java 9 but the runtime will not return. If you need it then source # ebuilds will continue to be maintained by gnu_andrew in java-overlay # for a few years. Removal in 30 days. <=dev-java/icedtea-7.2.6.11:7 dev-java/icedtea-bin:7 virtual/jdk:1.7 virtual/jre:1.7 # Patrice Clement (28 Oct 2017) # Missing dependencies. >=dev-python/scrapy-1.4.0 # Robin H. Johnson (22 Oct 2017) # Masking for testing, contains Fedora Hobbled-EC for USE=bindist =dev-libs/openssl-1.0.2l-r1 # Andreas K. Hüttel (22 Oct 2017) # Broken with recent Perl (5.26) and not used by anything # in the Gentoo repository. Please uninstall. sys-devel/autoconf:2.59 sys-devel/autoconf:2.61 sys-devel/autoconf:2.62 sys-devel/autoconf:2.63 sys-devel/autoconf:2.65 sys-devel/autoconf:2.67 sys-devel/autoconf:2.68 # Andreas K. Hüttel (18 Oct 2017) # sys-devel/automake versions 1.4, 1.5, 1.6, 1.7, 1.8 # have known security vulnerabilities, are broken with # recent Perl (>=5.26.0), and are not used by anything in # the Gentoo repository. Please uninstall. sys-devel/automake:1.4 sys-devel/automake:1.5 sys-devel/automake:1.6 sys-devel/automake:1.7 sys-devel/automake:1.8 # Kent Fredric (11 Oct 2017) # This package should now be provided entirely by dev-lang/perl, # stable perl 5.24 provides Unicode-Collate-1.140.0 # testing perl 5.26 provides Unicode-Collate-1.190.0 # This should only be unmasked if you're locking to perl-5.24 and need # a newer version of virtual/perl-Unicode-Collate # If you're upgrading to perl-5.26, please do: # emerge -C perl-core/Unicode-Collate # See bug #634040 (05 Oct 2017) # (on behalf of QA) # Rogue version bumps that reintroduce QA violations that were fixed # in #598527 and #598529, breaking the current verison # of app-portage/eix as a result, #633424. Do not reintroduce without # prior review from QA. =app-shells/push-3.0 =app-shells/quoter-4.0 # Patrice Clement (01 Oct 2017) # Mask Atom betas for testing. app-editors/atom:beta # Patrice Clement (09 Sep 2017) # Python 3 port is almost complete with version 0.6.0. Users might run into # minor bumps here and there which is why the mask is still in place for the # time being. >=dev-java/javatoolkit-0.6.0 # Gilles Dartiguelongue (04 Sep 2017) # Incompatible changes in API in Enchant 2. Bug #629838. >=app-text/enchant-2 # Gilles Dartiguelongue (2 Sep 1017) # Gnome 3.26 package mask >=app-text/libgepub-0.5 # Anthony G. Basile (27 Aug 2017) # Upstream is no longer providing public patches sys-kernel/hardened-sources # Patrice Clement (23 Aug 2017) # Packages depending on this library need to be tested first before # it is unmasked. Possibly some slotting is still needed. # Package testing tracked in bug #611022. >=dev-libs/msgpack-1.4.2 # Hanno Boeck (21 Aug 2017) # Open security bugs, no upstream, bug 628432 # Alternatives: app-arch/libarchive, app-arch/unar app-arch/unrar-gpl # Sébastien Fabbro (19 Aug 2017) # ipython-6 is python-3 only and causes circular dependencies # Unset python_targets_python2_7 for ipykernel and ipyparallel if needed. >=dev-python/ipython-6 # Michael Orlitzky (18 Aug 2017) # Last version from 2011, and has a vulnerable init script # (bug 603382). The proxy-maintainer is unknown to bugzilla, # and the previous maintainer jmbsvicetto is OK with masking. (17 Aug 2017) # Masked ede and all its dependencies due to security reasons. # bug #398241 app-xemacs/ede app-xemacs/semantic app-xemacs/jde app-xemacs/xslt-process app-xemacs/xetla app-xemacs/cogre app-xemacs/ecb app-xemacs/xemacs-packages-all # Kent Fredric (21 Jul 2017) # Masked due to serious regression that introduces widespread data # corruption when storing data in blobs. Masked, because any code # that is written to use this version is now dependent on this version # and older versions will corrupt your code instead. # However, any existing packages should not use this version. # See: https://github.com/perl5-dbi/DBD-mysql/issues/117 =dev-perl/DBD-mysql-4.42.0 # Ian Stakenvicius (19 Jul 2017) # Mask spidermonkey:52 as it is a self-rolled release, no official # release has been rolled. Is only committed to support development # versions of gjs. Will unmask when gnome-3.26 is ready for testing # or when upstream releases an official tarball. dev-lang/spidermonkey:52 # Nicolas Bock (17 Jul 2017) # Keep shotwell development series masked. >=media-gfx/shotwell-0.27 # Nicolas Bock (31 Oct 2017) # There are multiple unresolved upstream issues with >=jabref-bin-4.0 (#636036). # If you still would like to use this version, please report any issues to # upstream. >=app-text/jabref-bin-4.0 # Pacho Ramos (14 Jul 2017) # Doesn't work with >=openvpn-2.3, bug 470696 # Fix is work in progress, see above bug. dilfridge@g.o net-vpn/kvpnc # Pacho Ramos (14 Jul 2017) # Randomly broken due to sys-devel/binutils-config bug (#584296). # Unmask when it is finally fixed, so people can build the package. dev-util/mutrace # Matthias Schwarzott (03 Jul 2017) # The snapshots got a wrong version number assigned. # They are from before version 2.0.0. Masking them to force # an update to version 2.0.0 as soon as it is added to the tree. =media-plugins/vdr-xineliboutput-2.0.0_p20130821 =media-plugins/vdr-xineliboutput-2.0.0_p20150220 # Thomas Deutschmann (28 Jun 2017) # New strip feature which is enabled by default causes genkernel # to create unbootable kernel/initramfs images. Bug #622716 =sys-kernel/genkernel-3.5.1.0 # Hans de Graaff (05 Jun 2017) # Bundles obsolete and vulnerable webkit version. # Upstream has stopped development and recommends using # headless mode in >=www-client/chromium-59. # Masked for removal in 90 days. Bug #589994. www-client/phantomjs dev-ruby/poltergeist # Thomas Deutschmann (24 May 2017) # Broken runscript/changed behavior causing lvm2 to fail # on boot. Bug #617578 >=sys-fs/lvm2-2.02.171 # Michał Górny (22 May 2017) # for Maciej S. Szmigiero # Any version above 5.100.138 breaks b43 driver in various ways. # Also, b43 wiki page says to use 5.100.138. Bug #541080. >=sys-firmware/b43-firmware-6.30.163.46 # Michał Górny , Andreas K. Hüttel , # Matthias Maier (21 May 2017) # These old versions of toolchain packages (binutils, gcc, glibc) are no # longer officially supported and are not suitable for general use. Using # these packages can result in build failures (and possible breakage) for # many packages, and may leave your system vulnerable to known security # exploits. # If you still use one of these old toolchain packages, please upgrade (and # switch the compiler / the binutils) ASAP. If you need them for a specific # (isolated) use case, feel free to unmask them on your system. # (updated 27 Dec 2017 with gcc < 5.4) (20 May 2017) # Old versions of CUDA and their reverse dependencies. They do not # support GCC 5+, and are really old. # (updated 27 Dec 2017 with cuda < 8 because of gcc < 5 mask) (8 May 2017) # Coordinated conversion to wxGTK:3.0-gtk3 # Drop mask after migration of existing wxGTK:3.0 users =net-ftp/filezilla-3.30.0-r300 =net-ftp/filezilla-3.31.0-r300 # Rick Farina (17 Apr 2017) # Masking old versions because upstream changed versioning # Please keep this mask for 1 year to ease upgrades for users =app-crypt/hashcat-3.10-r1 =app-crypt/hashcat-3.30 =app-crypt/hashcat-3.40 # Lars Wendler (24 Mar 2017) # Masked until Mozilla and Chrome agreed how to handle # Symantec trust issues properly (bug #613714) =app-misc/ca-certificates-20161130.3.30-r1 # Mart Raudsepp (16 Feb 2017) # Old gstreamer 0.10 version, which is security vulnerable. # Use gstreamer:1.0 with media-plugins/gst-plugins-libav # instead (despite the name, it uses media-video/ffmpeg too). # Please keep this mask entry until gstreamer:0.10 is still # in tree or at least gets an affecting GLSA from bug 601354 # Bug #594878. media-plugins/gst-plugins-ffmpeg # Kent Fredric (04 Feb 2017) # Unsecure versions that have been only restored to tree # to resolve compatibility problems with mail-filter/amavisd-new # Use with caution due to these being removed for CVE-2016-1251 # Bug: #601144 # Bug: #604678 (06 Feb 2017) # Needs openssl-1.1 >=dev-libs/opencryptoki-3.6 # Bernard Cafarelli (30 Jan 2017) # Alpha release with new features, masked for testing =app-text/tesseract-4.00.00_alpha* # Yixun Lan (16 Jan 2017) # Masked, Vulnerable due to RGW Denial of Service (bug #598206) # We mask it instead of removing them, due user may need them while # upgrade from old versions (<0.94.x) (12 Jan 2017) # Use x11-drivers/nvidia-drivers[tools] instead. media-video/nvidia-settings # Michael Orlitzky (07 Jan 2017) # This package has some dangerous quality and security issues, but # people may still find it useful. It is masked to prevent accidental # use. See bugs 603346 and 604998 for more information. app-admin/amazon-ec2-init # Robin H. Johnson (05 Jan 2017) # Masking for testing =app-emulation/ganeti-2.16* =app-emulation/ganeti-2.17* # Michał Górny (17 Nov 2016) # New version masked for testing. It supports source-window buffer size # over 2G but it 'currently performs 3-5% slower and has 1-2% worse # compression'. >=dev-util/xdelta-3.1.0 # Tim Harder (03 Nov 2016) # Masked for testing =sys-fs/fuse-3.0.0* # Denis Dupeyron (12 Sep 2016) # Masked for testing, see bug #588894. =x11-misc/light-locker-1.7.0-r1 # Lars Wendler (26 Aug 2016) # Masked while being tested and reverse deps aren't fully compatible =dev-libs/openssl-1.1* # Chris Reffett (25 May 2016) # The webkit-gtk:4 backend for Xiphos has known text display issues. # Use at your own risk. =app-text/xiphos-4.0.4-r1 # James Le Cuirot (03 Apr 2016) # Masking Spring Framework for the time being as 3.2.4 is old, has # multiple vulnerabilities, and we're not likely to update it # soon. Hopefully we can revisit it when the Maven stuff works out. dev-java/spring-aop dev-java/spring-beans dev-java/spring-core dev-java/spring-expression dev-java/spring-instrument # Andreas K. Hüttel (03 Apr 2016) # Can exhaust all available memory depending on task # but is made available for experts who heed this warning # as newer versions produce different output. Contact # the proxied maintainer Matthew Brewer # for questions. <=media-gfx/slic3r-1.1.9999 # James Le Cuirot (07 Feb 2016) # Masked until 2.0 final arrives, which hopefully won't depend on # commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the # tree should have actually been 2.0_beta1. There are no revdeps. dev-java/jcs # Andrey Grozin (04 Jan 2016) # Needs a bump and substantial ebuild rewrite =sci-mathematics/reduce-20110414-r1 # Michał Górny (30 Oct 2015) # Uses unsafe ioctls that could result in data corruption. Upstream # is working on replacing them in the wip/dedup-syscall branch. # Keep it masked until they are done. sys-fs/duperemove is # the suggested replacement for the meantime. sys-fs/bedup # Mike Pagano (2 Oct 2015) # A regression in kernel 4.1.9 could lead to a system # lockup. This has been fixed in gentoo-sources-4.1.9-r1 # and the hope is that this patch will make it to 4.1.10 # Expires (2 Oct 2017) =sys-kernel/vanilla-sources-4.1.9 =sys-kernel/gentoo-sources-4.1.9 # Lars Wendler (20 Aug 2015) # Releases are not from original upstream but from a fork. # Masked as requested by vapier. ~net-misc/iputils-20160308 ~net-misc/iputils-20161105 # Sebastian Pipping (8 Aug 2015) # Upcoming, too young to go into testing unmasked dev-libs/iniparser:4 # Justin Lecher (28 Feb 2015) # Unfixed security problems # No upstream support anymore # CVE-2015-{0219,0220,0221,0222,5145} # CVE-2016-{9013,9014},CVE-2017-{7233,7234} # #536586 # #554864 =dev-python/django-1.4* =dev-python/django-1.5* =dev-python/django-1.6* =dev-python/django-1.7* =dev-python/django-1.9* # Robin H. Johnson (04 Aug 2014) # Masked for testing, presently fails upstream testsuite: # FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1 # FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed. # FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1 =sys-libs/db-6.1* =sys-libs/db-6.2* # Ulrich Müller (15 Jul 2014) # Permanently mask sys-libs/lib-compat and its reverse dependencies, # pending multiple security vulnerabilities and QA issues. # See bugs #515926 and #510960. sys-libs/lib-compat sys-libs/lib-compat-loki games-action/mutantstorm-demo games-action/phobiaii games-fps/rtcw games-fps/unreal games-strategy/heroes3 games-strategy/heroes3-demo games-strategy/smac # Mikle Kolyada (27 Jun 2014) # Masked for proper testing. (Major updates in the code). ~dev-perl/PortageXS-0.2.12 # Hans de Graaff (1 Jun 2014) # Mask new rubinius version for testing. This needs more work # to fully integrate it in our Gentoo ruby handling. Volunteers # welcome. =dev-lang/rubinius-3* # Matti Bickel (22 Apr 2014) # Masked slotted lua for testing # William Hubbs (07 Aug 2016) # Taking this mask since Mabi is retired # Rafael Martins (04 Dec 2016) # Adding Lua 5.3 to mask app-eselect/eselect-lua =dev-lang/lua-5.1.5-r2 =dev-lang/lua-5.1.5-r100 =dev-lang/lua-5.1.5-r101 =dev-lang/lua-5.2.3 =dev-lang/lua-5.2.3-r1 =dev-lang/lua-5.2.3-r2 =dev-lang/lua-5.3.3 =dev-lang/lua-5.3.3-r1 # Samuli Suominen (06 Mar 2012) # Masked for testing since this is known to break nearly # every reverse dependency wrt bug 407091 >=dev-lang/lua-5.2.0 # Mike Gilbert (04 Mar 2014) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. www-plugins/chrome-binary-plugins:unstable # Justin Lecher (14 Oct 2013) # Seems to break all deps - API change? >=sci-libs/metis-5 # Michael Weber (17 Jul 2013) # Upstream next versions >=sys-boot/raspberrypi-firmware-1_pre # Richard Freeman (24 Mar 2013) # Contains known buffer overflows. Package generally works # but should not be fed untrusted input (eg from strangers). # Masked to ensure users are aware before they install. app-text/cuneiform # Samuli Suominen (30 Oct 2011) # Masked for security bug #294253, use only at your own risk! =media-libs/fmod-3* # Diego E. Pettenò (03 Jan 2009) # These packages are not supposed to be merged directly, instead # please use sys-devel/crossdev to install them. dev-libs/cygwin dev-util/mingw-runtime dev-util/mingw64-runtime dev-util/w32api sys-libs/newlib dev-embedded/avr-libc # Chris Gianelloni (03 Mar 2008) # Masking due to security bug #194607 and security bug #204067 games-fps/doom3 games-fps/doom3-cdoom games-fps/doom3-chextrek games-fps/doom3-data games-fps/doom3-demo games-fps/doom3-ducttape games-fps/doom3-eventhorizon games-fps/doom3-hellcampaign games-fps/doom3-inhell games-fps/doom3-lms games-fps/doom3-mitm games-fps/doom3-roe games-fps/quake4-bin games-fps/quake4-data games-fps/quake4-demo # (01 Apr 2004) # The following packages contain a remotely-exploitable # security vulnerability and have been hard masked accordingly. # # Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info # games-fps/unreal-tournament-goty games-fps/unreal-tournament-strikeforce games-fps/unreal-tournament-bonuspacks games-fps/aaut