#################################################################### # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely # careful not to commit atoms that are not valid, as it can cause large-scale # breakage, especially if it ends up in the daily snapshot. # ## Example: ## ## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012) ## # Masking these versions until we can get the ## # v4l stuff to work properly again ## =media-video/mplayer-0.90_pre5 ## =media-video/mplayer-0.90_pre5-r1 # # - Best last rites (removal) practices - # Include the following info: # a) reason for masking # b) bug # for the removal (and yes you should have one) # c) date of removal (either the date or "in x days") # ## Example: ## ## # Dev E. Loper <developer@gentoo.org> (23 May 2015) ## # Masked for removal in 30 days. Doesn't work ## # with new libfoo. Upstream dead, gtk-1, smells ## # funny. (bug #987654) ## app-misc/some-package #--- END OF EXAMPLES --- # Michael Palimaka <kensington@gentoo.org> (21 Sep 2017) # Requires dead Qt 4. Dead upstream. # Masked for removal in 30 days. media-libs/herqq # Patrice Clement <monsieurp@gentoo.org> (20 Sep 2017) # Upstream has been dead for years. # Masked for removal in 30 days. dev-java/db4o-jdk5 dev-java/db4o-jdk11 dev-java/db4o-jdk12 # Andrey Grozin <grozin@gentoo.org> (19 Sep 2017) # This package was a stopgap to bump dev-python/spyder to 3.* # Now >=dev-python/rope-0.10.7 supports python3, use it instead # Masked for removal in 30 days. dev-python/rope_py3k # Pawel Hajdan, Jr. <phajdan.jr@gentoo.org> (18 Sep 2017) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. >=www-client/chromium-63 # Kent Fredric <kentnl@gentoo.org> (18 Sep 2017) # Dead upstream, requires Module::Install. May be kept # if somebody can make an argument for it. Bug #631334 # Masked for removal in 30 days. dev-perl/PerlIO-via-symlink # Andreas Sturmlechner <asturm@gentoo.org> (16 Sep 2017) # Unfortunately broken esp. with USE=python. Bugs #623780, #631064 =sci-geosciences/qgis-2.18.12-r100 # Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) # Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. # Masked for removal in 30 days. Bug #628224. app-editors/qwriter # Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) # Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. # Masked for removal in 30 days. Bug #628228. dev-util/kscope # Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) # Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. # Masked for removal in 30 days. Bug #628230. dev-util/monkeystudio # Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) # Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. # Masked for removal in 30 days. Bug #628234. dev-util/universalindentgui # Andreas Sturmlechner <asturm@gentoo.org> (10 Sep 2017) # Requires dead Qt 4. Dead upstream. Does not work. # Use net-misc/dropbox or kde-apps/dolphin-plugins instead. # Masked for removal in 30 days. kde-misc/kfilebox # Kent Fredric <kentnl@gentoo.org> (10 Sep 2017) # Staging block for Perl 5.24.3 =dev-lang/perl-5.24.3_rc1 =dev-lang/perl-5.24.3_rc2 =dev-lang/perl-5.24.3_rc3 =virtual/perl-Module-CoreList-5.201.709.220 =virtual/perl-Time-HiRes-1.974.100-r1 # Andreas Sturmlechner <asturm@gentoo.org> (10 Sep 2017) # Requires dead Qt 4. Dead upstream. Unmaintained. # Use media-video/kmplayer or kde-apps/dragon instead. # Masked for removal in 30 days. media-video/kplayer # Michael Palimaka <kensington@gentoo.org> (10 Sep 2017) # Requires dead Qt 4. Dead upstream. Build failures. # Bug #622548, #623574. Masked for removal in 30 days. net-libs/qmf # Michael Palimaka <kensington@gentoo.org> (10 Sep 2017) # Requires dead Qt 4. Dead upstream. Use Qt 5 instead. # Depends on vulnerable gstreamer:0.10. # Masked for removal in 30 days. dev-qt/qt-mobility # Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) # Requires dead Qt 4. Dead upstream. # Masked for removal in 30 days. app-text/kding # Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) # Requires dead Qt 4. Dead upstream. Unmaintained. # Masked for removal in 30 days. sys-process/procexp # Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) # Requires dead Qt 4. Dead upstream. Unmaintained. # Masked for removal in 30 days. x11-apps/python-whiteboard # Patrice Clement <monsieurp@gentoo.org> (09 Sep 2017) # Python 3 port is almost complete with version 0.6.0. Users might run into # minor bumps here and there which is why the mask is still in place for the # time being. >=dev-java/javatoolkit-0.6.0 # Alon Bar-Lev <alonbl@gentoo.org> (08 Sep 2017) # Complex build system, hard to maintain, no dependencies in tree, upstream # does not cooperate (Bug#630420). # Removal in 30 days. dev-libs/cryptlib # Alon Bar-Lev <alonbl@gentoo.org> (08 Sep 2017) # Upstream no longer maintain (Bug#628908). # Removal in 30 days. sys-auth/pam_pkcs11 # Austin English <wizardedit@gentoo.org> (05 Sep 2017) # Download has been broken for nearly a year, no alternative found # Bug: https://bugs.gentoo.org/599390 # Removal in 30 days games-rpg/nwmouse games-rpg/nwmovies games-rpg/nwn games-rpg/nwn-cep games-rpg/nwn-data games-rpg/nwn-penultima games-rpg/nwn-penultimarerolled games-rpg/nwn-shadowlordsdreamcatcherdemon # Kent Fredric <kentnl@gentoo.org> (05 Sep 2017) # Broken since Perl 5.16 circa 2012, no longer maintained upstream # Bug: https://bugs.gentoo.org/623900 # Bug: https://rt.cpan.org/Public/Bug/Display.html?id=85991 # Removal in 30 days dev-perl/XML-AutoWriter # Gilles Dartiguelongue <eva@gentoo.org> (04 Sep 2017) # Incompatible changes in API in Enchant 2. Bug #629838. >=app-text/enchant-2 # Lars Wendler <polynomial-c@gentoo.org> (03 Sep 2017) # Masked because a new object API was introduced which breaks consumers: # https://cgit.freedesktop.org/poppler/poppler/commit/poppler/Object.h?id=9773c1534668d84b8267c3e5c9d612076fa231a5 # See also our tracker bug: https://bugs.gentoo.org/629836 >=app-text/poppler-0.58.0 # Michael Palimaka <kensington@gentoo.org> (03 Sep 2017) # Dead upstream. Use media-libs/phonon instead. # Masked for removal in 30 days. Bug #629144. dev-qt/qtphonon # Gilles Dartiguelongue <eva@gentoo.org> (2 Sep 1017) # Gnome 3.26 package mask >=app-text/libgepub-0.5 # Aaron Bauman <bman@gentoo.org> (1 Sep 2017) # vulnerable per bug #513818 and dead upstream # net-analyzer/ntopng is available net-analyzer/ntop # James Le Cuirot <chewi@gentoo.org> (29 Aug 2017) # The FOSS-friendly oracle-javamail has rendered other implementations # and the virtual obsolete. Removal in 30 days. See bug #553186. dev-java/gnu-classpath-inetlib dev-java/gnu-javamail dev-java/javax-mail dev-java/sun-javamail java-virtuals/javamail # James Le Cuirot <chewi@gentoo.org> (29 Aug 2017) # Old and holding up the removal of Java 7. Still alive upstream but # new versions have proven too tricky to package under our current # infrastructure. It may return one day. Removal in 30 days. app-benchmarks/jmeter # Jonas Stein <jstein@gentoo.org> (29 Aug 2017) # SRC_URI and HOMEPAGE are dead and the ebuild is in a very bad # state. # Removal in 30 days. #629112. app-text/adiff # Michał Górny <mgorny@gentoo.org> (29 Aug 2017) # The new snapshot introduces more issues than it fixes, even after # reverting one of the most breaking commits. Downgrade to 4.13.0 # is suggested, I will probably add a new revision with some specific # patches if necessary. =xfce-base/xfwm4-4.13.0_p20170825 # Michał Górny <mgorny@gentoo.org> (28 Aug 2017) # Alike xfce4-mixer, relies on gstreamer:0.10 (gstreamer:1.0 removed # mixer wrappers). Last commit upstream in 2014. PulseAudio users # can switch to xfce-extra/xfce4-pulseaudio-plugin # or xfce-extra/xfce4-volumed-pulse. # Removal in 30 days. Bug #629212. xfce-extra/xfce4-volumed # Andreas Sturmlechner <asturm@gentoo.org> (27 Aug 2017) # No consumers left, depends on deprecated akonadi:4. # Masked for removal in 30 days. kde-misc/akonadi-git-resource # Anthony G. Basile <blueness@gentoo.org> (27 Aug 2017) # Upstream is no longer providing public patches sys-kernel/hardened-sources # Michael Palimaka <kensington@gentoo.org> (27 Aug 2017) # Requires deprecated Qt/KDE4. Dead upstream. Use kde-apps/spectacle instead. # Masked for removal in 30 days. media-gfx/kgrab # Michael Palimaka <kensington@gentoo.org> (27 Aug 2017) # Doesn't work with Plasma 5. Dead upstream. # Masked for removal in 30 days. kde-misc/colibri # Michael Palimaka <kensington@gentoo.org> (27 Aug 2017) # Doesn't work anymore. Dead upstream. # Masked for removal in 30 days. media-gfx/kflickr # Andreas Sturmlechner <asturm@gentoo.org> (26 Aug 2017) # media-libs/phonon[zeitgeist] masked on all arches since 2012. # No other rdeps left. Masked for removal in 30 days. dev-libs/libqzeitgeist # Mikle Kolyada <zlogene@gentoo.org> (26 Aug 2017) # Masked for removal in 30 days. # No major keywords, old EAPI, no maintainer. # Use sys-apps/less instead. sys-apps/more # Patrice Clement <monsieurp@gentoo.org> (23 Aug 2017) # Packages depending on this library need to be tested first before # it is unmasked. Possibly some slotting is still needed. # Package testing tracked in bug #611022. >=dev-libs/msgpack-1.4.2 # Michał Górny <mgorny@gentoo.org> (21 Aug 2017) # xfce4-mixer is discontinued upstream and no longer considered part # of the DE since 4.12. It requires vulnerable gstreamer:0.10, and no # longer builds with the development versions of core Xfce4 components. # The suggested replacement is xfce-extra/xfce4-pulseaudio-plugin. # Removal in 30 days. Bug #628424. xfce-extra/xfce4-mixer # Hanno Boeck <hanno@gentoo.org> (21 Aug 2017) # Open security bugs, no upstream, bug 628432 # Alternatives: app-arch/libarchive, app-arch/unar app-arch/unrar-gpl # Michał Górny <mgorny@gentoo.org> (20 Aug 2017) # Pre-release of a new incompatible version that breaks the only reverse # dependency in Gentoo. Masked until 2.0.0 proper is released, or # dev-cpp/libjson-rpc-cpp is fixed, whichever happens first. >=dev-cpp/catch-2 # Hans de Graaff <graaff@gentoo.org> (20 Aug 2017) # Mask Ruby 2.1 for removal, bug 615822 # This version is no longer supported by upstream # since March 2017. # This mask also includes all remaining ruby21-only packages. dev-lang/ruby:2.1 dev-ruby/activeresource:4.1 dev-ruby/builder:3 dev-ruby/rails-observers dev-ruby/samuel games-rpg/a-bird-story # Sébastien Fabbro <bicatali@gentoo.org> (19 Aug 2017) # ipython-6 is python-3 only and causes circular dependencies # Unset python_targets_python2_7 for ipykernel and ipyparallel if needed. >=dev-python/ipython-6 # Michael Orlitzky <mjo@gentoo.org> (18 Aug 2017) # Last version from 2011, and has a vulnerable init script # (bug 603382). The proxy-maintainer is unknown to bugzilla, # and the previous maintainer jmbsvicetto is OK with masking. net-misc/vde # Mats Lidell <matsl@gentoo.org> (17 Aug 2017) # Masked ede and all its dependencies due to security reasons. # bug #398241 app-xemacs/ede app-xemacs/semantic app-xemacs/jde app-xemacs/xslt-process app-xemacs/xetla app-xemacs/cogre app-xemacs/ecb app-xemacs/xemacs-packages-all # Lars Wendler <polynomial-c@gentoo.org> (06 Aug 2017) # Masked for security reasons: # https://bugs.gentoo.org/600214 <app-emulation/virtualbox-5.0.40 <app-emulation/virtualbox-additions-5.0.40 <app-emulation/virtualbox-bin-5.0.40 <app-emulation/virtualbox-extpack-oracle-5.0.40 <app-emulation/virtualbox-guest-additions-5.0.40 <app-emulation/virtualbox-modules-5.0.40 <x11-drivers/xf86-video-virtualbox-5.0.40 # Bernard Cafarelli <voyageur@gentoo.org> (04 Aug 2017) # Temporary mask as current net-ftp/filezilla does not compile # with it, bug #626292 =dev-libs/libfilezilla-0.10.0 # Alexey Shvetsov <alexxy@gentoo.org> (26 Jul 2017) # Its pre release so better to mask it =media-gfx/freecad-0.17_pre* # Kent Fredric <kentnl@gentoo.org> (21 Jul 2017) # Masked due to serious regression that introduces widespread data # corruption when storing data in blobs. Masked, because any code # that is written to use this version is now dependent on this version # and older versions will corrupt your code instead. # However, any existing packages should not use this version. # See: https://github.com/perl5-dbi/DBD-mysql/issues/117 =dev-perl/DBD-mysql-4.42.0 # Brian Evans <grknight@gentoo.org> (21 Jul 2017) # Mask initial beta of PHP 7.2 for further testing >=dev-lang/php-7.2.0_beta1 =virtual/httpd-php-7.2 # Mikhail Pukhlikov <cynede@gentoo.org> (20 Jul 2017) # Old mono/dotnet packages (used on GNOME2 stack) # also some deprecated forks used for monodevelop # awhile they are very unstable they will live in dotnet overlay gnome-extra/docky dev-dotnet/gnome-desktop-sharp dev-dotnet/gtksourceview-sharp dev-dotnet/rsvg-sharp dev-dotnet/vte-sharp dev-dotnet/wnck-sharp dev-dotnet/xdt-for-monodevelop dev-dotnet/nuget dev-dotnet/referenceassemblies-pcl # Ian Stakenvicius <axs@gentoo.org> (19 Jul 2017) # Mask spidermonkey:52 as it is a self-rolled release, no official # release has been rolled. Is only committed to support development # versions of gjs. Will unmask when gnome-3.26 is ready for testing # or when upstream releases an official tarball. dev-lang/spidermonkey:52 # Nicolas Bock <nicolasbock@gentoo.org> (17 Jul 2017) # Keep shotwell development series masked. >=media-gfx/shotwell-0.27 # Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) # Doesn't work with >=openvpn-2.3, bug 470696 # Fix is work in progress, see above bug. dilfridge@g.o net-vpn/kvpnc # Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) # Doesn't compile, upstream dead, removal in 2 months (#584296). dev-util/mutrace # Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) # Multiple unresolved bugs (#600680), need major version bumps and a # maintainer, removal in 2 months. dev-libs/libRocket games-fps/warsow # Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) # Dead for ages, relies on dead libs (#622010), you can move to moserial, cutecom or # minicom. Removal in 2 months. net-dialup/gtkterm # Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) # Doesn't build (#623562). Removal in 2 months. media-plugins/vdr-skinnopacity # Lars Wendler <polynomial-c@gentoo.org> (07 Jul 2017) # Masked until >=net-fs/samba-4.7 is in the tree and # unmasked. (bug #624106) # See also https://bugzilla.samba.org/show_bug.cgi?id=12859 >=sys-libs/ldb-1.1.30 >=net-fs/samba-4.7.0_rc1 # Matthias Schwarzott <zzam@gentoo.org> (03 Jul 2017) # The snapshots got a wrong version number assigned. # They are from before version 2.0.0. Masking them to force # an update to version 2.0.0 as soon as it is added to the tree. =media-plugins/vdr-xineliboutput-2.0.0_p20130821 =media-plugins/vdr-xineliboutput-2.0.0_p20150220 # Thomas Deutschmann <whissi@gentoo.org> (28 Jun 2017) # New strip feature which is enabled by default causes genkernel # to create unbootable kernel/initramfs images. Bug #622716 =sys-kernel/genkernel-3.5.1.0 # Thomas Deutschmann <whissi@gentoo.org> (17 Jun 2017) # Unmaintained in Gentoo repository; Multiple vulnerabilities # People using VMware in Gentoo should switch to Gentoo's VMware overlay # Bugs 619398, 621910, 616958, 536364, 614666, 612804 ... app-emulation/vmware-workstation app-emulation/vmware-player app-emulation/vmware-modules app-emulation/vmware-tools # Raymond Jennings <shentino@gmail.com> (11 Jun 2017) # Upstream announced EOL effective July 2017. # Depends on qt4 which is being deprecated. # Possible alternative is skypeforlinux, # which uses the same account information but has different features. # See bug #620722 and bug #608174. dev-python/skype4py media-sound/skype-call-recorder net-im/skype net-im/skypetab-ng # Hans de Graaff <graaff@gentoo.org> (05 Jun 2017) # Bundles obsolete and vulnerable webkit version. # Upstream has stopped development and recommends using # headless mode in >=www-client/chromium-59. # Masked for removal in 90 days. Bug #589994. www-client/phantomjs dev-ruby/poltergeist # Andreas K. Hüttel <dilfridge@gentoo.org> (5 June 2017) # Masked for initial testing. =dev-lang/perl-5.26.0 =virtual/perl-Archive-Tar-2.240.0 =virtual/perl-B-Debug-1.240.0 =virtual/perl-CPAN-2.180.0 =virtual/perl-CPAN-Meta-2.150.10 =virtual/perl-Carp-1.420.0 =virtual/perl-Compress-Raw-Bzip2-2.74.0 =virtual/perl-Compress-Raw-Zlib-2.74.0 =virtual/perl-DB_File-1.840.0 =virtual/perl-Data-Dumper-2.167.0 =virtual/perl-Devel-PPPort-3.350.0 =virtual/perl-Digest-MD5-2.550.0 =virtual/perl-Digest-SHA-5.960.0 =virtual/perl-Encode-2.880.0 =virtual/perl-ExtUtils-MakeMaker-7.240.0 =virtual/perl-ExtUtils-ParseXS-3.340.0 =virtual/perl-File-Spec-3.670.0 =virtual/perl-Filter-Simple-0.930.0 =virtual/perl-Getopt-Long-2.490.0 =virtual/perl-HTTP-Tiny-0.70.0 =virtual/perl-I18N-LangTags-0.420.0 =virtual/perl-IO-1.380.0 =virtual/perl-IO-Compress-2.74.0 =virtual/perl-IO-Socket-IP-0.380.0 =virtual/perl-IPC-Cmd-0.960.0 =virtual/perl-JSON-PP-2.274.0.200_rc =virtual/perl-Locale-Maketext-1.280.0 =virtual/perl-Math-BigInt-1.999.806-r1 =virtual/perl-Math-BigInt-FastCalc-0.500.500 =virtual/perl-Math-BigRat-0.261.100 =virtual/perl-Math-Complex-1.590.100 =virtual/perl-Module-Load-Conditional-0.680.0 =virtual/perl-Module-Metadata-1.0.33 =virtual/perl-Net-Ping-2.550.0 =virtual/perl-Parse-CPAN-Meta-2.150.10 =virtual/perl-Perl-OSType-1.10.0 =virtual/perl-Pod-Simple-3.350.0 =virtual/perl-Safe-2.400.0 =virtual/perl-Scalar-List-Utils-1.460.200_rc =virtual/perl-Storable-2.620.0 =virtual/perl-Sys-Syslog-0.350.0 =virtual/perl-Term-ANSIColor-4.60.0 =virtual/perl-Term-ReadLine-1.160.0 =virtual/perl-Test-1.300.0 =virtual/perl-Test-Harness-3.380.0 =virtual/perl-Test-Simple-1.302.73 =virtual/perl-Thread-Queue-3.120.0 =virtual/perl-Thread-Semaphore-2.130.0 =virtual/perl-Time-Local-1.250.0 =virtual/perl-XSLoader-0.270.0 =virtual/perl-bignum-0.470.0 =virtual/perl-libnet-3.100.0 =virtual/perl-parent-0.236.0 =virtual/perl-podlators-4.90.0 =virtual/perl-threads-2.150.0 =virtual/perl-threads-shared-1.560.0 =virtual/perl-version-0.991.700 # # The following masks are technically not part of the Perl 5.26 block, # but with the unmasking of Perl 5.26 they become obsolete and can be # removed: # >=perl-core/ExtUtils-MakeMaker-7.180.0 >=dev-perl/Net-Twitter-4.10.420 >=perl-core/Math-BigInt-1.999.726 >=dev-perl/Math-BigInt-GMP-1.600.0 =perl-core/Test-Simple-1.302.96 =virtual/perl-Test-Simple-1.302.96 dev-perl/Test2-Suite >=dev-perl/Data-Validate-Domain-0.120.0 dev-perl/Test2-Plugin-NoWarnings dev-perl/Params-ValidationCompiler dev-perl/Sub-Info dev-perl/Term-Table >=dev-perl/DateTime-Locale-1.60.0 >=dev-perl/DateTime-TimeZone-2.20.0 >=dev-perl/DateTime-1.370.0 >=dev-perl/DateTime-Format-Strptime-1.710.0 >=dev-perl/Log-Dispatch-2.590.0 >=dev-perl/App-pwhich-1.150.0 # Thomas Deutschmann <whissi@gentoo.org> (24 May 2017) # Broken runscript/changed behavior causing lvm2 to fail # on boot. Bug #617578 >=sys-fs/lvm2-2.02.171 # Michał Górny <mgorny@gentoo.org> (22 May 2017) # for Maciej S. Szmigiero <mail@maciej.szmigiero.name> # Any version above 5.100.138 breaks b43 driver in various ways. # Also, b43 wiki page says to use 5.100.138. Bug #541080. >=sys-firmware/b43-firmware-6.30.163.46 # Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>, # Matthias Maier <tamiko@gentoo.org> (21 May 2017) # These old versions of toolchain packages (binutils, gcc, glibc) are no # longer officially supported and are not suitable for general use. Using # these packages can result in build failures (and possible breakage) for # many packages, and may leave your system vulnerable to known security # exploits. # If you still use one of these old toolchain packages, please upgrade (and # switch the compiler / the binutils) ASAP. If you need them for a specific # (isolated) use case, feel free to unmask them on your system. <sys-devel/gcc-4.9 <sys-libs/glibc-2.23-r4 <sys-devel/binutils-2.28.1 # Michał Górny <mgorny@gentoo.org> (20 May 2017) # Old versions of CUDA and their reverse dependencies. They do not # support GCC 4.9+, and are really old. <dev-python/pycuda-2016 <dev-util/nvidia-cuda-sdk-7 <dev-util/nvidia-cuda-toolkit-7 net-wireless/cpyrit-cuda # Maciej Mrozowski <reavertm@gentoo.org> (18 May 2017) # Experimental, most consumers does not support it yet >=dev-games/openscenegraph-3.5.5 >=dev-games/openscenegraph-qt-3.5.5 # Bernard Cafarelli <voyageur@gentoo.org> (8 May 2017) # Coordinated conversion to wxGTK:3.0-gtk3 # Drop mask after migration of existing wxGTK:3.0 users # and wxGTK-3.0.3 bump in tree >=net-ftp/filezilla-3.25.2-r1 # Zac Medico <zmedico@gentoo.org> (01 May 2017) # Possible API incompatibilities, bug #617174. # http://aiohttp.readthedocs.io/en/latest/migration.html >=dev-python/aiohttp-2 >=dev-python/yarl-0.10 # Rick Farina <zerochaos@gentoo.org> (17 Apr 2017) # Masking old versions because upstream changed versioning # Please keep this mask for 1 year to ease upgrades for users =app-crypt/hashcat-3.10-r1 =app-crypt/hashcat-3.30 =app-crypt/hashcat-3.40 # NP-Hardass <NP-Hardass@gentoo.org> (10 Apr 2017) # Masked for testing virtual/wine app-eselect/eselect-wine app-emulation/wine-desktop-common app-emulation/wine-gecko app-emulation/wine-mono app-emulation/wine-vanilla app-emulation/wine-staging app-emulation/wine-d3d9 app-emulation/wine-any # Lars Wendler <polynomial-c@gentoo.org> (24 Mar 2017) # Masked until Mozilla and Chrome agreed how to handle # Symantec trust issues properly (bug #613714) =app-misc/ca-certificates-20161130.3.30-r1 # Eray Aslan <eras@gentoo.org> (01 Mar 2017) # Mask experimental software =mail-mta/postfix-3.3* # Davide Pesavento <pesa@gentoo.org> (25 Feb 2017) # Library name changed in 2.10, breaking many consumers. # Needs full revdep testing. >=dev-python/qscintilla-python-2.10 >=x11-libs/qscintilla-2.10 # Mart Raudsepp <leio@gentoo.org> (16 Feb 2017) # Old gstreamer 0.10 version, which is security vulnerable. # Use gstreamer:1.0 with media-plugins/gst-plugins-libav # instead (despite the name, it uses media-video/ffmpeg too). # Please keep this mask entry until gstreamer:0.10 is still # in tree or at least gets an affecting GLSA from bug 601354 # Bug #594878. media-plugins/gst-plugins-ffmpeg # Kent Fredric <kentnl@gentoo.org> (04 Feb 2017) # Unsecure versions that have been only restored to tree # to resolve compatibility problems with mail-filter/amavisd-new # Use with caution due to these being removed for CVE-2016-1251 # Bug: #601144 # Bug: #604678 <dev-perl/DBD-mysql-4.41.0 # Alon Bar-Lev <alonbl@gentoo.org> (06 Feb 2017) # Needs openssl-1.1 >=dev-libs/opencryptoki-3.6 # Bernard Cafarelli <voyageur@gentoo.org> (30 Jan 2017) # Alpha release with new features, masked for testing =app-text/tesseract-4.00.00_alpha* # Michał Górny <mgorny@gentoo.org> (26 Jan 2017) # Pre-release, masked for testing. Major changes since 2.0.4, # including dropped support for BlueZ 4. =net-wireless/blueman-2.1_alpha* # Yixun Lan <dlan@gentoo.org> (16 Jan 2017) # Masked, Vulnerable due to RGW Denial of Service (bug #598206) # We mask it instead of removing them, due user may need them while # upgrade from old versions (<0.94.x) <sys-cluster/ceph-10.2.3-r1 # Jeroen Roovers <jer@gentoo.org> (12 Jan 2017) # Use x11-drivers/nvidia-drivers[tools] instead. media-video/nvidia-settings # Michael Orlitzky <mjo@gentoo.org> (07 Jan 2017) # This package has some dangerous quality and security issues, but # people may still find it useful. It is masked to prevent accidental # use. See bugs 603346 and 604998 for more information. app-admin/amazon-ec2-init # Mart Raudsepp <leio@gentoo.org> (07 Jan 2017) # No releases of this API version since March 2001, abandoned # in favour of glib:2 for 14 years; bug 604966. # Removed at 2017-02-08, mask kept for longer display to users. dev-libs/glib:1 # Mart Raudsepp <leio@gentoo.org> (06 Jan 2017) # No releases of this API version since April 2001, abandoned # in favour of gtk+:2 for 14 years; bug 604862. # Removed at 2017-02-08, mask kept for longer display to users. x11-libs/gtk+:1 # Robin H. Johnson <robbat2@gentoo.org> (05 Jan 2017) # Masking for testing =app-emulation/ganeti-2.16* =app-emulation/ganeti-2.17* # Markos Chandras <hwoarang@gentoo.org> (10 Dec 2016) # Reverse dependencies need testing, wrt bug #580760 >=net-libs/libtorrent-rasterbar-1.1.1 # Robin H. Johnson <robbat2@gentoo.org> (18 Nov 2016) # Depends on slotted lua, # odd revisions are slotted lua, # even revisions are unslotted lua =dev-db/redis-3.2.5-r1 =dev-db/redis-3.2.5-r5 =dev-db/redis-3.2.6-r1 =dev-db/redis-3.2.6-r5 =dev-db/redis-3.2.8-r1 =dev-db/redis-3.2.8-r3 # Ian Stakenvicius (17 Nov 2016) # Does not honour LD_LIBRARY_PATH set in the environment, causing # all mozilla packages to fail in src_install() when xpcshell is # called in ${WORKDIR}, #580726 # Segfaults when creating directories #578582 =sys-apps/sandbox-2.11* # Michał Górny <mgorny@gentoo.org> (17 Nov 2016) # New version masked for testing. It supports source-window buffer size # over 2G but it 'currently performs 3-5% slower and has 1-2% worse # compression'. >=dev-util/xdelta-3.1.0 # Tim Harder <radhermit@gentoo.org> (03 Nov 2016) # Masked for testing =sys-fs/fuse-3.0.0* # Denis Dupeyron <calchan@gentoo.org> (12 Sep 2016) # Masked for testing, see bug #588894. =x11-misc/light-locker-1.7.0-r1 # Lars Wendler <polynomial-c@gentoo.org> (26 Aug 2016) # Masked while being tested and reverse deps aren't fully compatible =dev-libs/openssl-1.1* # Michał Górny <mgorny@gentoo.org> (18 Jul 2016) # Pre-release of a complete rewrite, provided for early testing. Not all # functionality is provided yet. Use --pretend to make sure correct # files will be removed. >=app-admin/eclean-kernel-1.99 # Chris Reffett <creffett@gentoo.org> (25 May 2016) # The webkit-gtk:4 backend for Xiphos has known text display issues. # Use at your own risk. =app-text/xiphos-4.0.4-r1 # James Le Cuirot <chewi@gentoo.org> (03 Apr 2016) # Masking Spring Framework for the time being as 3.2.4 is old, has # multiple vulnerabilities, and we're not likely to update it # soon. Hopefully we can revisit it when the Maven stuff works out. dev-java/spring-aop dev-java/spring-beans dev-java/spring-core dev-java/spring-expression dev-java/spring-instrument # Andreas K. Hüttel <dilfridge@gentoo.org> (03 Apr 2016) # Can exhaust all available memory depending on task # but is made available for experts who heed this warning # as newer versions produce different output. Contact # the proxied maintainer Matthew Brewer <tomboy64@sina.cn> # for questions. <=media-gfx/slic3r-1.1.9999 # José María Alonso <nimiux@gentoo.org> (24 Mar 2016) # Fails to build dev-lisp/sbcl-1.3.3 #563812 =dev-lisp/asdf-3.1.7 =dev-lisp/uiop-3.1.7 # James Le Cuirot <chewi@gentoo.org> (07 Feb 2016) # Masked until 2.0 final arrives, which hopefully won't depend on # commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the # tree should have actually been 2.0_beta1. There are no revdeps. dev-java/jcs # Andrey Grozin <grozin@gentoo.org> (04 Jan 2016) # Needs a bump and substantial ebuild rewrite =sci-mathematics/reduce-20110414-r1 # Michał Górny <mgorny@gentoo.org> (30 Oct 2015) # Uses unsafe ioctls that could result in data corruption. Upstream # is working on replacing them in the wip/dedup-syscall branch. # Keep it masked until they are done. sys-fs/duperemove is # the suggested replacement for the meantime. sys-fs/bedup # Ian Delaney <idella4@gentoo.org> (27 Oct 2015) # fails to build dev-lisp/sbcl-1.2.16 #563812 # mgorny: dev-lisp/uiop as version-bound revdep =dev-lisp/asdf-3.1.6 =dev-lisp/uiop-3.1.6 # Mike Pagano <mpagano@gentoo.org> (2 Oct 2015) # A regression in kernel 4.1.9 could lead to a system # lockup. This has been fixed in gentoo-sources-4.1.9-r1 # and the hope is that this patch will make it to 4.1.10 # Expires (2 Oct 2017) =sys-kernel/vanilla-sources-4.1.9 =sys-kernel/gentoo-sources-4.1.9 # Lars Wendler <polynomial-c@gentoo.org> (20 Aug 2015) # Releases are not from original upstream but from a fork. # Masked as requested by vapier. ~net-misc/iputils-20160308 ~net-misc/iputils-20161105 # Sebastian Pipping <sping@gentoo.org> (8 Aug 2015) # Upcoming, too young to go into testing unmasked dev-libs/iniparser:4 # Davide Pesavento <pesa@gentoo.org> (23 Jul 2015) # Standalone version of qtwebkit from the 2.3 upstream branch. # Needs revdep testing. Bug #388207. =dev-qt/qtwebkit-4.10* # Justin Lecher <jlec@gentoo.org> (28 Feb 2015) # Unfixed security problems # No upstream support anymore # CVE-2015-{0219,0220,0221,0222,5145} # CVE-2016-{9013,9014},CVE-2017-{7233,7234} # #536586 # #554864 =dev-python/django-1.4* =dev-python/django-1.5* =dev-python/django-1.6* =dev-python/django-1.7* =dev-python/django-1.9* # Jeroen Roovers <jer@gentoo.org> (12 Dec 2014) # The 96 and 173 branches are no longer supported and remain vulnerable to # CVE-2014-8298 (bug #532342). You may be able to mitigate the vulnerability by # disabling GLX indirect rendering protocol support on the X server. <x11-drivers/nvidia-drivers-304 # Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014) # Masked for testing, presently fails upstream testsuite: # FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1 # FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed. # FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1 =sys-libs/db-6.1* =sys-libs/db-6.2* # Ulrich Müller <ulm@gentoo.org> (15 Jul 2014) # Permanently mask sys-libs/lib-compat and its reverse dependencies, # pending multiple security vulnerabilities and QA issues. # See bugs #515926 and #510960. sys-libs/lib-compat sys-libs/lib-compat-loki games-action/mutantstorm-demo games-action/phobiaii games-fps/rtcw games-fps/unreal games-strategy/heroes3 games-strategy/heroes3-demo games-strategy/smac # Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014) # Masked for proper testing. (Major updates in the code). ~dev-perl/PortageXS-0.2.12 # Hans de Graaff <graaff@gentoo.org> (1 Jun 2014) # Mask new rubinius version for testing. This needs more work # to fully integrate it in our Gentoo ruby handling. Volunteers # welcome. =dev-lang/rubinius-3* # Matti Bickel <mabi@gentoo.org> (22 Apr 2014) # Masked slotted lua for testing # William Hubbs <williamh@gentoo.org> (07 Aug 2016) # Taking this mask since Mabi is retired # Rafael Martins <rafaelmartins@gentoo.org> (04 Dec 2016) # Adding Lua 5.3 to mask app-eselect/eselect-lua =dev-lang/lua-5.1.5-r2 =dev-lang/lua-5.1.5-r100 =dev-lang/lua-5.1.5-r101 =dev-lang/lua-5.2.3 =dev-lang/lua-5.2.3-r1 =dev-lang/lua-5.2.3-r2 =dev-lang/lua-5.3.3 =dev-lang/lua-5.3.3-r1 # Mike Gilbert <floppym@gentoo.org> (04 Mar 2014) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. www-plugins/chrome-binary-plugins:unstable # Justin Lecher <jlec@gentoo.org> (14 Oct 2013) # Seems to break all deps - API change? >=sci-libs/metis-5 # Sergey Popov <pinkbyte@gentoo.org> (18 Sep 2013) # Mask development releases of botan: # - causes many API breakages # - do not compile in some USE-flag combinations # - requires at least gcc 4.7(and possibly even 4.8 for some features) >=dev-libs/botan-1.11.0 # Michael Weber <xmw@gentoo.org> (17 Jul 2013) # Upstream next versions >=sys-boot/raspberrypi-firmware-1_pre # Richard Freeman <rich0@gentoo.org> (24 Mar 2013) # Contains known buffer overflows. Package generally works # but should not be fed untrusted input (eg from strangers). # Masked to ensure users are aware before they install. app-text/cuneiform # Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012) # Masked for testing since this is known to break nearly # every reverse dependency wrt bug 407091 >=dev-lang/lua-5.2.0 # Samuli Suominen <ssuominen@gentoo.org> (30 Oct 2011) # Masked for security bug #294253, use only at your own risk! =media-libs/fmod-3* # Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009) # These packages are not supposed to be merged directly, instead # please use sys-devel/crossdev to install them. dev-libs/cygwin dev-util/mingw-runtime dev-util/mingw64-runtime dev-util/w32api sys-libs/newlib dev-embedded/avr-libc # Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008) # Masking due to security bug #194607 and security bug #204067 games-fps/doom3 games-fps/doom3-cdoom games-fps/doom3-chextrek games-fps/doom3-data games-fps/doom3-demo games-fps/doom3-ducttape games-fps/doom3-eventhorizon games-fps/doom3-hellcampaign games-fps/doom3-inhell games-fps/doom3-lms games-fps/doom3-mitm games-fps/doom3-roe games-fps/quake4-bin games-fps/quake4-data games-fps/quake4-demo # <klieber@gentoo.org> (01 Apr 2004) # The following packages contain a remotely-exploitable # security vulnerability and have been hard masked accordingly. # # Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info # games-fps/unreal-tournament-goty games-fps/unreal-tournament-strikeforce games-fps/unreal-tournament-bonuspacks games-fps/aaut