summaryrefslogtreecommitdiff
blob: 4f95a0afefe7ef305fe37cf71062ec0d63abf823 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
####################################################################
# $Id$
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
# careful not to commit atoms that are not valid, as it can cause large-scale
# breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (23 May 2015)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---

# Robin H. Johnson <robbat2@gentoo.org> (04 Dec 2015)
# Much early testing needed
>=sys-cluster/ceph-9

# Patrice Clement <monsieurp@gentoo.org> (03 Dec 2015)
# Broken and outdated. Let's see off these 3 packages.
# Masked for removal in 30 days. See bug #567326.
app-text/epubcheck
dev-java/css-validator
dev-java/jigsaw

# Brian Evans <grknight@gentoo.org> (02 Dec 2015)
# All current targets are masked.
# New version only works on PHP7.
dev-php/pecl-taint

# Brian Evans <grknight@gentoo.org> (02 Dec 2015)
# Zend Opcache was integrated into PHP versions 5.5 and later
# Masked for removal in 30 days
dev-php/pecl-zendopcache

# Brian Evans <grknight@gentoo.org> (02 Dec 2015)
# PHP 5.4 is End Of Life and will not receive any further updates
# Please migrate to 5.5 or, preferably 5.6.
dev-lang/php:5.4
~virtual/httpd-php-5.4

# Michael Sterrett <mr_bones_@gentoo.org> (01 Dec 2015)
# No release since 2005; upstream is gone; doesn't build
# on modern systems.
# Masked for removal on 20151231
games-emulation/gnomeboyadvance

# Sergey Popov <pinkbyte@gentoo.org> (25 Nov 2015)
# Dead upstream, security issues, see bug #557856
# Removal in a month
net-p2p/bittorrent

# Andreas K. Huettel <dilfridge@gentoo.org> (22 Nov 2015)
# txt2html got accidentally packaged twice, as TextToHTML
# and as txt2html. Masking the version with nonstandard PN
# for removal in 30 days.
dev-perl/TextToHTML

# Michael Sterrett <mr_bones_@gentoo.org> (22 Nov 2015)
# Upstream is gone and doesn't build on modern systems.
# Masked for removal on 20151222
games-fps/imaze

# Patrice Clement <monsieurp@gentoo.org> (21 Nov 2015)
# Upstream dead + superseded by app-text/tidy-html5.
# Masked for removal in 30 days. See bug #564884.
# Not yet.
# app-text/htmltidy

# Michael Palimaka <kensington@gentoo.org> (18 Nov 2015)
# Ebuilds unfinished work-in-progress. Dead upstream.
# Masked for removal in 30 days. Bug #550234.
app-pda/libopensync
app-pda/libopensync-plugin-file
app-pda/libopensync-plugin-gnokii
app-pda/libopensync-plugin-gpe
app-pda/libopensync-plugin-irmc
app-pda/libopensync-plugin-moto
app-pda/libopensync-plugin-palm
app-pda/libopensync-plugin-python
app-pda/libopensync-plugin-sunbird
app-pda/libopensync-plugin-synce-rra
app-pda/libopensync-plugin-syncml
app-pda/libopensync-plugin-vformat
app-pda/libsyncml
app-pda/msynctool
app-pda/multisync-gui
app-pda/osynctool

# Patrice Clement <monsieurp@gentoo.org> (12 Nov 2015)
# Upstream dead + ebuild was never stabilised.
# Masked for removal in 30 days. See bug #276095.
net-p2p/phex

# Patrice Clement <monsieurp@gentoo.org> (12 Nov 2015)
# Upstream is somewhat alive but has made compiling POI difficult to compile
# and package. Further, POI is affected by a bunch of CVEs. It has solely two
# deps that we are masking as well since both projects are not very trendy
# and/or alive. Masked for removal in 30 days. See bug #402757.
dev-java/poi
dev-java/dbunit
dev-db/jxtray

# Justin Lecher <jlec@gentoo.org> (12 Nov 2015)
# deprecated version of the plugin. 
# sci-chemistry/pymol includes the newer version
sci-chemistry/pymol-apbs-plugin

# Brian Evans <grknight@gentoo.org> (11 Nov 2015)
# Mask latest xdebug{,-client} beta versions
# Upstream keeps changing the tarballs causing Manifest errors.
# wrt bug 565234
>=dev-php/xdebug-2.4.0_beta1
>=dev-php/xdebug-client-2.4.0_beta1

# Michał Górny <mgorny@gentoo.org> (11 Nov 2015)
# Cleaned up Python versions masked for testing:
# - python-config-X.Y compatibility removed,
# - python[23] choice is now stored in config file rather than symlink,
# - eselect-python reworked to reuse python-exec and wrap all execs,
# - ABIFLAGS reintroduced for 3.3+.
# Resulting API/ABI change can break reverse dependencies, especially
# if upstream hardcodes paths or library names.
>=app-eselect/eselect-python-20151117
=dev-lang/python-2.7.10-r4
=dev-lang/python-3.3.5-r4
=dev-lang/python-3.4.3-r4
=dev-lang/python-3.5.0-r3
>=dev-lang/python-exec-2.1

# Justin Lecher <jlec@gentoo.org> (10 Nov 2015)
# Vulnerable package CVE-2014-{1932,1933}
# Bug: 507982
dev-python/imaging

# Justin Lecher <jlec@gentoo.org> (10 Nov 2015)
# Compatibility virtual for transition from
# dev-python/imaging to dev-python/pillow
# obsolete now #508266
virtual/python-imaging

# Lars Wendler <polynomial-c@gentoo.org> (10 Nov 2015)
# Masked apache-2.4.17 due to broken REDIRECT_URL
# behavior. See Gentoo bug #565348 for more details.
=www-servers/apache-2.4.17

# Pacho Ramos <pacho@gentoo.org> (09 Nov 2015)
# Not properly installed, dead for ages, upstream
# ask people to use Zed Attack Proxy Project instead
# Removal in a month. Bug #185919
net-proxy/webscarab

# Pacho Ramos <pacho@gentoo.org> (09 Nov 2015)
# Nobody willing to maintain/bump it. Use qemu instead
# Removal in a month. Bug #200003
app-emulation/skyeye

# Pacho Ramos <pacho@gentoo.org> (09 Nov 2015)
# Upstream dead, buggy, there are many other bittorrent
# clients in the tree. See bug #210520. Removal in a month.
net-p2p/btpd

# Pacho Ramos <pacho@gentoo.org> (09 Nov 2015)
# Obsolete for a long time, see bug #231578.
# Removal in a month.
app-eselect/eselect-esd

# Pacho Ramos <pacho@gentoo.org> (09 Nov 2015)
# Dead for years, see bug #248489. Removal in a month.
dev-tex/latex-unicode

# Patrice Clement <monsieurp@gentoo.org> (07 Nov 2015)
# Duplicate package since it already exists as virtual/perl-Parse-CPAN-meta.
# Masked for removal in 30 days.
dev-perl/Parse-CPAN-Meta

# Brian Evans <grknight@gentoo.org> (06 Nov 2015)
# Mask new versions of dev-php/pecl-yaml that only work with PHP-7+
>=dev-php/pecl-yaml-2.0

# Michał Górny <mgorny@gentoo.org> (30 Oct 2015)
# Uses unsafe ioctls that could result in data corruption. Upstream
# is working on replacing them in the wip/dedup-syscall branch.
# Keep it masked until they are done. sys-fs/duperemove is
# the suggested replacement for the meantime.
sys-fs/bedup

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (29 Oct 2015)
# Mask until it is decided how to address xorg-server file collisions #564358
=x11-drivers/xf86-input-evdev-2.10.0

# Ian Delaney <idella4@gentoo.org> (27 Oct 2015)
# fails to build dev-lisp/sbcl-1.2.16 #563812
# mgorny: dev-lisp/uiop as version-bound revdep
=dev-lisp/asdf-3.1.6
=dev-lisp/uiop-3.1.6

# Justin Lecher <jlec@gentoo.org> (23 Oct 2015)
# Breaking changes #563540
=app-text/ghostscript-gpl-9.18

# Mike Frysinger <vapier@gentoo.org> (18 Oct 2015)
# apache-2.4.17 includes support for http2 now.
www-apache/mod_h2

# Pawel Hajdan, Jr. <phajdan.jr@gentoo.org> (16 Oct 2015)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
>=www-client/chromium-48

# Hans de Graaff <graaff@gentoo.org> (11 Oct 2015)
# Ruby 1.9 is no longer maintained upstream since January
# 2015, bug 536852.
# Masked for removal in 30 days.
=dev-lang/ruby-1.9*

# Mike Pagano <mpagano@gentoo.org> (2 Oct 2015)
# A regression in kernel 4.1.9 could lead to a system
# lockup.  This has been fixed in gentoo-sources-4.1.9-r1
# and the hope is that this patch will make it to 4.1.10
# Expires (2 Oct 2017)
=sys-kernel/vanilla-sources-4.1.9
=sys-kernel/gentoo-sources-4.1.9

# Andreas K. Huettel <dilfridge@gentoo.org> (19 Sep 2015)
# Masked for security reasons, bugs 516044, 552644
# Keeping it in the tree for now for users who cannot upgrade
# (commercial product, separate licenses for major versions)
=app-emulation/vmware-workstation-9*
=app-emulation/vmware-modules-271*

# Lars Wendler <polynomial-c@gentoo.org> (09 Sep 2015)
# Masked for testing
>=net-fs/samba-4.3.0

# Lars Wendler <polynomial-c@gentoo.org> (20 Aug 2015)
# Masked for testing
=net-misc/iputils-20150815
=net-misc/iputils-20150815-r1

# Brian Evans <grknight@gentoo.org> (16 Aug 2015)
# Mask new PEAR installer as it is likely to break
# many old scripts
>=dev-php/pear-1.10.0_alpha1
>=dev-php/PEAR-PEAR-1.10.0_alpha1

# Sebastian Pipping <sping@gentoo.org> (8 Aug 2015)
# Upcoming, too young to go into testing unmasked
dev-libs/iniparser:4

# Davide Pesavento <pesa@gentoo.org> (23 Jul 2015)
# Standalone version of qtwebkit from the 2.3 upstream branch.
# Needs revdep testing. Bug #388207.
=dev-qt/qtwebkit-4.10*

# Ian Delaney <idella4@gentoo.org> (21 Jul 2015)
# The revbump has versions of lua which are also masked.
# Masked until those slotted versions are unmasked
=sys-apps/roccat-tools-3.5.0-r1

# Ben de Groot <yngwin@gentoo.org> (20 Jul 2015)
# Version bump is a WIP, see bug #524242
# It works (except USE=vamp) but is not up to Gentoo standards yet
=media-sound/audacity-2.1.1

# Ian Stakenvicius <axs@gentoo.org> (16 Jul 2015)
# Mask thunerbird-24.x as it is no longer supported, but
# it remains in the tree for now in case there is a need
# for it for upgrading old user profiles, etc.
~mail-client/thunderbird-24.8.0

# Sergey Popov <pinkbyte@gentoo.org> (13 Jul 2015)
# Mask new version of Boost - it's known to cause breakages
~dev-util/boost-build-1.58.0
~dev-libs/boost-1.58.0

# Patrick Lauer <patrick@gentoo.org> (1 Jul 2015)
# Wrong version #553670
=sys-kernel/gentoo-sources-4.1.1

# Patrick Lauer <patrick@gentoo.org> (14 Jun 2015)
# Has race condition / failure modes that make systems unusable
# See #551724 and duplicates
=sys-fs/udev-init-scripts-29

# Ole Markus With <olemarkus@gentoo.org> (12 Jun 2015)
# Masking PHP 7 pre-release versions
dev-lang/php:7.0
=virtual/httpd-php-7.0

# Ryan Hill <rhill@gentoo.org> (28 Apr 2015)
# Moving to /lib/gentoo/functions.sh broke the eclass
# by changing output it relies on. See bug #504118,
# 547586, and 547962.
>=sys-devel/gcc-config-1.8-r1

# Patrick Lauer <patrick@gentoo.org> (10 Apr 2015)
# Breaks pretty much all consumers, like samba
# Mask until it's more usable
>=net-libs/gnutls-3.4.0

# Michał Górny <mgorny@gentoo.org> (28 Mar 2015)
# on behalf of gx86-multilib project <multilib@gentoo.org>
# Removed lastrited emul-linux-x86. The mask is kept post-removal
# per Arfrever's request so that the PM warns about masked packages
# being installed.
app-emulation/emul-linux-x86-baselibs
app-emulation/emul-linux-x86-cpplibs
app-emulation/emul-linux-x86-db
app-emulation/emul-linux-x86-gstplugins
app-emulation/emul-linux-x86-gtklibs
app-emulation/emul-linux-x86-gtkmmlibs
app-emulation/emul-linux-x86-medialibs
app-emulation/emul-linux-x86-motif
app-emulation/emul-linux-x86-opengl
app-emulation/emul-linux-x86-qtlibs
app-emulation/emul-linux-x86-sdl
app-emulation/emul-linux-x86-soundlibs
app-emulation/emul-linux-x86-xlibs
app-emulation/emul-linux-x86-jna

# Justin Lecher <jlec@gentoo.org> (28 Feb 2015)
# Unfixed security problems
# No upstream support anymore
# CVE-2015-{0219,0220,0221,0222,5145}
# #536586
# #554864
=dev-python/django-1.4*
=dev-python/django-1.5*
=dev-python/django-1.6*
# Not supported by any django version upstream supports
dev-python/south
dev-python/Djblets
dev-util/reviewboard

# Michał Górny <mgorny@gentoo.org> (11 Feb 2015)
# Potentially destructive to @world, bug #539746.
=sys-apps/portage-2.2.16

# Eray Aslan <eras@gentoo.org> (03 Feb 2015)
# Mask experimental software
=mail-mta/postfix-3.1*

# Sergei Trofimovich <slyfox@gentoo.org> (29 Jan 2015)
# Mask live ebuild
=dev-util/radare2-9999

# Anthony G. Basile <blueness@gentoo.org> (9 Jan 2015)
# p.mask the -9999 version
=dev-misc/i2pd-9999

# Tony Vroon <chainsaw@gentoo.org> (5 Jan 2015)
# Asterisk 13 is an LTS release but has not seen
# sufficient releases to be considered ready for
# production usage. You are welcome to have a go
# but please be careful.
=net-misc/asterisk-13*

# Aaron W. Swenson <titanofold@gentoo.org> (28 Dec 2014)
# Split ebuilds are no longer maintained. Migrate to the unified
# ebuilds invoking the following, substituting SLOT for the desired
# slot and optionally enabling the server and/or docs USE flags:
#   emerge dev-db/postgresql:SLOT
# No further action is required.
dev-db/postgresql-docs
dev-db/postgresql-base
dev-db/postgresql-server

# Jeroen Roovers <jer@gentoo.org> (12 Dec 2014)
# The 96 and 173 branches are no longer supported and remain vulnerable to
# CVE-2014-8298 (bug #532342). You may be able to mitigate the vulnerability by
# disabling GLX indirect rendering protocol support on the X server.
<x11-drivers/nvidia-drivers-304

# Sergey Popov <pinkbyte@gentoo.org> (09 Dec 2014)
# Security mask, wrt bug #529728
<app-antivirus/clamav-0.98.5

# Richard Yao <ryao@gentoo.org> (29 Nov 2014)
# Depends on media-libs/lcms:0, which has unspecified security vulnerabilities.
# Masked until mscms.dll.so that links to media-libs/lcms:2 is backported from
# a newer wine, bug #526806.
<app-emulation/crossover-bin-12.5.0

# Patrick Lauer <patrick@gentoo.org> (24 Nov 2014)
# Missing deps, uninstallable
www-apps/trac-downloads

# Markos Chandras <hwoarang@gentoo.org> (18 Nov 2014)
# Mask latest development version for testing
=x11-misc/lightdm-1.17*

# Mike Pagano <mpagano@gentoo.org> (16 Oct 2014)
# A regression in kernels 3.17.0 lead to file system corruption
# for affected systems. This has been fixed in >= 3.17.1
# Expires (16 Oct 2016)
# See Bug #525548.
=sys-kernel/vanilla-sources-3.17.0
=sys-kernel/gentoo-sources-3.17.0
=sys-kernel/aufs-sources-3.17.0

# Michał Górny <mgorny@gentoo.org> (15 Sep 2014)
# Causes undefined references few layers down (in mediastreamer),
# someone needs to investigate.
>=net-libs/libzrtpcpp-4

# Christian Faulhammer <fauli@gentoo.org> (02 Sep 2014)
# website not working anymore and will stay like this,
# tool is useless. See bug 504734
app-admin/hwreport

# Sergey Popov <pinkbyte@gentoo.org> (28 Aug 2014)
# Security mask, wrt bug #519650
# If your application is broken due to this mask,
# please file a separate bug report
<net-dialup/ppp-2.4.7

# Samuli Suominen <ssuominen@gentoo.org> (23 Aug 2014)
# Some compile problems with media-libs/openexr >= 2.2.0
# See https://bugs.gentoo.org/520240 for more information
>=media-libs/ilmbase-2.2.0
>=media-libs/openexr-2.2.0
>=media-gfx/openexr_viewers-2.2.0

# Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014)
# Masked for testing, presently fails upstream testsuite:
# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1
# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed.
# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1
=sys-libs/db-6.1*

# Yixun Lan <dlan@gentoo.org> (17 Jul 2014)
# Masked for proper testing. (Major updates in the code).
=net-misc/tinc-1.1_pre*

# Ulrich Müller <ulm@gentoo.org> (15 Jul 2014)
# Permanently mask sys-libs/lib-compat and its reverse dependencies,
# pending multiple security vulnerabilities and QA issues.
# See bugs #515926 and #510960.
sys-libs/lib-compat
sys-libs/lib-compat-loki
games-action/mutantstorm-demo
games-action/phobiaii
games-fps/rtcw
games-fps/unreal
games-strategy/heroes3
games-strategy/heroes3-demo
games-strategy/smac
sys-block/afacli

# Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014)
# Masked for proper testing. (Major updates in the code).
=dev-perl/PortageXS-0.02.12

# Robin H. Johnson <robbat2@gentoo.org> (21 Jun 2014)
# Needs work, but infra needs it for new VM boxes
app-emulation/openstack-guest-agents-unix
app-emulation/xe-guest-utilities

# Tom Wijsman <TomWij@gentoo.org> (6 Jun 2014)
# Mask gentoo-sources ebuilds that are affected with security bug CVE-2014-3153.
#
# Pinkie Pie discovered an issue in the futex subsystem that allows a
# local user to gain ring 0 control via the futex syscall. An
# unprivileged user could use this flaw to crash the kernel (resulting
# in denial of service) or for privilege escalation.
#
# https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-3153
# Expires (6 Jun 2016)
=sys-kernel/gentoo-sources-3.2.58-r2
~sys-kernel/gentoo-sources-3.4.90
=sys-kernel/gentoo-sources-3.4.91
~sys-kernel/gentoo-sources-3.10.40
=sys-kernel/gentoo-sources-3.10.41
~sys-kernel/gentoo-sources-3.12.20
=sys-kernel/gentoo-sources-3.12.21
~sys-kernel/gentoo-sources-3.14.4
=sys-kernel/gentoo-sources-3.14.5

# Hans de Graaff <graaff@gentoo.org> (1 Jun 2014)
# Mask new rubinius version for testing. Current versions have some
# issues that should be solved in the forthcoming rubinius 2.3
# release.
=dev-lang/rubinius-2*

# Markos Chandras <hwoarang@gentoo.org> (30 May 2014)
# Mask beta release
=app-i18n/transifex-client-0.11_beta

# Tom Wijsman <TomWij@gentoo.org> (30 May 2014)
# CVE-2012-1721 - Remote Code Execution Vulnerability
#
# Vulnerable: IBM Java SE 5.0 SR12-FP5
# URL:        http://www.securityfocus.com/bid/53959/
dev-java/ibm-jdk-bin:1.5

# Tom Wijsman <TomWij@gentoo.org> (03 May 2014)
# Needs to be further tested and revised by both Java and Ruby herds.
>=dev-java/jruby-1.7.12
dev-ruby/bitescript
dev-ruby/bouncy-castle-java
dev-ruby/duby
dev-ruby/jruby-openssl
dev-ruby/weakling

# Matti Bickel <mabi@gentoo.org> (22 Apr 2014)
# Masked slotted lua for testing
app-eselect/eselect-lua
=dev-lang/lua-5.1.5-r2
=dev-lang/lua-5.1.5-r100
=dev-lang/lua-5.2.3
=dev-lang/lua-5.2.3-r1

# Gilles Dartiguelongue <eva@gentoo.org> (06 Apr 2014)
# Old release, never stable, not working anymore
# See bug #327837, #382667, #492474
<media-video/pitivi-0.90

# Alexander Vershilov <qnikst@gentoo.org> (02 Apr 2014)
# Multiple vulnerabilities, see #504724, #505860
<sys-kernel/openvz-sources-2.6.32.85.17

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (26 Mar 2014)
# Affected by multiple vulnerabilities, #445916, #471098 and #472280
<media-libs/mesa-9.1.4

# Sergey Popov <pinkbyte@gentoo.org> (20 Mar 2014)
# Security mask of vulnerable versions, wrt bug #424167
<net-nds/openldap-2.4.35

# Lars Wendler <polynomial-c@gentoo.org> (14 Mar 2014)
# Masked for security reasons.
# Do NOT remove this mask or the affected packages without speaking to
# bonsaikitten first! You have been warned!
<net-fs/samba-3.6

# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Samuli Suominen <ssuominen@gentoo.org> (03 Mar 2014)
# gnome-extra/polkit-gnome is the "GTK+ polkit agent" and has no extra
# dependencies that installing lxde-base/lxpolkit would solve, thus
# the only motivation for creation of lxpolkit was to drop the word
# 'gnome' from the package's name. The packages are near identical
# by the outlook, determined by the used GTK+ theme.
#
# Raise yourself above the word 'gnome' and install the de facto GTK+ agent:
# emerge -C lxpolkit
# emerge -1 polkit-gnome
#
# Removal will happen at later date, but since there is no hurry, give it
# until rest of the year.
lxde-base/lxpolkit

# Tim Harder <radhermit@gentoo.org> (04 Feb 2014)
# Mask development releases
=media-sound/lilypond-2.19*

# Mike Gilbert <floppym@gentoo.org> (19 Jan 2014)
# To prevent accidental switching of release channels (bug 498306),
# google-chrome has been split into 3 packages:
#
# www-client/google-chrome
# www-client/google-chrome-beta
# www-client/google-chrome-unstable
#
# The stable channel remains as www-client/google-chrome, but has been
# switched to SLOT="0".
#
# Please unmerge your currently installed version and remerge one of the new
# packages.
www-client/google-chrome:beta
www-client/google-chrome:stable
www-client/google-chrome:unstable

# Tony Vroon <chainsaw@gentoo.org> (13 Jan 2014)
# Asterisk 12 is a short term "standard" release
# containing significant architectural changes.
# This is not for your production kit quite yet.
=net-misc/asterisk-12*

# Justin Lecher <jlec@gentoo.org> (14 Oct 2013)
# Seems to break all deps - API change?
>=sci-libs/metis-5

# Diego Elio Pettenò <flameeyes@gentoo.org> (13 Oct 2013)
# Requires a NPN support in mod_ssl (www-server/apache) to work.
# See #471512 for more details.
www-apache/mod_spdy

# Agostino Sarubbo <ago@gentoo.org> (23 Sep 2013)
# Masked because of vulnerable versions
# DO NOT REMOVE OLDER VERSIONS
# temporarily disabled as it also breaks s390 keywording
#<net-nds/openldap-2.4.35

# Tom Wijsman <TomWij@gentoo.org> (18 Sep 2013)
# Temporarily masked due to QA issue during attempts to unbundle dependencies;
# we need to check the jar contents to check for differences, especially the
# stax dependency seems to be problematic in this regard but we'll check all of
# them to ensure that unbundling doesn't hurt some missed functionality.
# Bug #471942 tracks the progress of these unbundling efforts.
>=app-admin/ec2-api-tools-1.6.7.2-r4

# Sergey Popov <pinkbyte@gentoo.org> (18 Sep 2013)
# Mask development releases of botan:
# - causes many API breakages
# - do not compile in some USE-flag combinations
# - requires at least gcc 4.7(and possibly even 4.8 for some features)
>=dev-libs/botan-1.11.0

# Julian Ospald <hasufell@gentoo.org> (21 Jul 2013)
# Mask all unfetchable versions and those with tons of random
# bugs and segfaults (all). Don't ask for a version bump unless
# there is a working release.
sci-geosciences/googleearth

# Chris Reffett <creffett@gentoo.org> (20 Jul 2013)
# Uses vulnerable versions of bzip2, but these versions are
# necessary to reconstruct older archives. Use at your own risk.
=app-portage/deltup-0.4.5

# Michael Weber <xmw@gentoo.org> (17 Jul 2013)
# Upstream next versions
>=sys-boot/raspberrypi-firmware-1_pre

# Tom Wijsman <TomWij@gentoo.org> (30 Jun 2013)
# Sun JDK and JRE contain critical vulnerabilities and receive no further
# updates; masking to make users aware of this, users that still need this
# package and have no alternative can unmask at their own risk. See bug #473830.
#
# This is continued by Oracle Corporation, which has acquired Sun Microsystems
# in early 2010; as per https://en.wikipedia.gentoo.org/wiki/Sun_acquisition_by_Oracle
#
# Users are suggested to upgrade to one of the newer Oracle packages like
# dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another
# alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
#
# Most of these packages provide a jce USE flag for those whom need the
# Java Cryptographic Extension Unlimited Strength Policy USE flag; whether that
# works depends from VM to VM, it seems to work for most except for the IBM VMs.
dev-java/sun-jdk
dev-java/sun-jre-bin
dev-java/sun-jce-bin

# Julian Ospald <hasufell@gentoo.org> (26 Jun 2013)
# Depends on masked dev-lang/lua-5.2
=games-emulation/sdlmame-0.149
=games-emulation/sdlmess-0.149

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (25 Jun 2013)
# Mask new ptlib/opal for breakage, tracked in bug #474742
# Lars Wendler <polynomial-c@gentoo.org> (29 Apr 2014)
# Adjusted mask so newer versions get covered as well.
>=net-libs/ptlib-2.12.0
>=net-libs/opal-3.12.0

# Pacho Ramos <pacho@gentoo.org> (15 Jun 2013)
# Upstream stalled, improper rendering (#470818),
# use app-editors/efte instead.
=app-editors/fte-20110708

# Patrick Lauer <patrick@gentoo.org> (21 May 2013)
# broken dependencies -> uninstallable #470712
app-portage/g-ctan

# Michael Weber <xmw@gentoo.org> (18 Apr 2013)
# Masked due test failures
=app-arch/advancecomp-1.17

# Sergey Popov <pinkbyte@gentoo.org> (02 Apr 2013)
# Masking =media-libs/ffmpegsource-2.17.4_pre753
# by maintainer's request.
# This version does not work properly, see bug #464078
=media-libs/ffmpegsource-2.17.4_pre753

# Richard Freeman <rich0@gentoo.org> (24 Mar 2013)
# Contains known buffer overflows.  Package generally works
# but should not be fed untrusted input (eg from strangers).
# Masked to ensure users are aware before they install.
app-text/cuneiform

# Tom Wijsman <TomWij@gentoo.org> (12 Mar 2013)
# 2.5.* has known security and other issues due to an affected
# bundled ffmpeg, see bugs #446468 and #444262.
<media-video/avidemux-2.6.2

# Sven Wegener <swegener@gentoo.org> (21 Dec 2012)
# temporary mask for socket location change
=app-misc/screen-4.0.3-r8

# Rick Farina <zerochaos@gentoo.org> (21 Dec 2012)
# madwifi has been replaced by ath5k and ath9k in kernel
# drivers and is subject to numerous long standing bugs
# stable wpa_supplicant sometimes wants madwifi-ng-tools
#net-wireless/madwifi-ng-tools
net-wireless/madwifi-ng

# Pacho Ramos <pacho@gentoo.org> (25 Oct 2012)
# obexd changed its API without any warning, it's recommended to ship
# 0.46 until https://bugzilla.gnome.org/682106 is fixed to prevent
# bluetooth-sendto breakage.
>=app-mobilephone/obexd-0.47

# Ralph Sennhauser <sera@gentoo.org> (18 Jul 2012)
# Unmaintained, multiple vulnarabilities. #351626
# A more recent source build maintained by the community is available in the
# seden overlay. A more recent binary is available in the java-overlay.
<=dev-util/eclipse-sdk-3.5.1-r1

# Robin H. Johnson <robbat2@gentoo.org> (09 Feb 2012)
# Needs to be slotted better
=dev-libs/yaz-4*

# Andreas K. Huettel <dilfridge@gentoo.org> (22 Mar 2012)
# Even its author admits that it's an ugly hack. Crashes e.g.
# firefox with kde-4.8. Unmask at your own risk.
kde-misc/kgtk

# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012)
# Masked for testing since this is known to break nearly
# every reverse dependency wrt bug 407091
>=dev-lang/lua-5.2.0

# Samuli Suominen <ssuominen@gentoo.org> (30 Oct 2011)
# Masked for security bug #294253, use only at your own risk!
=media-libs/fmod-3*

# Peter Volkov <pva@gentoo.org> (23 Jul 2011)
# Mask release candidates
=dev-libs/guiloader-2.99.0
=dev-libs/guiloader-c++-2.99.0
=dev-util/crow-designer-2.99.0

# Marijn Schouten <hkBst@gentoo.org> (07 April 2011)
# Masked for number of issues, but can be used to
# test against if people are impatient ;P
# Known issues:
# - Broken emacs support (ulm has promised to look)
# - doesn't build when boehm-gc is built without threads
# - no SLOTting yet!
=dev-scheme/guile-2.0.0

# Ryan Hill <dirtyepic@gentoo.org> (30 Mar 2011)
# Masked indefinitely (until 0.40 is released).
# https://bugs.gentoo.org/354423
>=app-pda/libopensync-0.30
>=app-pda/libopensync-plugin-file-0.30
>=app-pda/libopensync-plugin-irmc-0.30
>=app-pda/libopensync-plugin-palm-0.30
>=app-pda/libopensync-plugin-python-0.30
app-pda/libopensync-plugin-syncml
app-pda/libopensync-plugin-vformat
app-pda/osynctool

# Ryan Hill <dirtyepic@gentoo.org> (30 Mar 2011)
# Work in progress
# https://bugs.gentoo.org/show_bug.cgi?id=354423
app-pda/libopensync-plugin-gnokii
app-pda/libopensync-plugin-gpe
app-pda/multisync-gui

# Markos Chandras <hwoarang@gentoo.org> (01 Nov 2010)
# Masking alpha releases
net-analyzer/ncrack

# Luca Barbato <lu_zero@gentoo.org> (21 Jul 2010)
# Not ready for public consumption, clashes with current mesa-git
media-libs/shivavg

# Stefan Briesenick <sbriesen@gentoo.org> (21 Jul 2010)
# doesn't compile against latest media-libs/spandsp.
# not needed anymore for Asterisk 1.6.
net-misc/asterisk-spandsp_codec_g726

# Mike Frysinger <vapier@gentoo.org> (07 Mar 2010)
# Very old packages that people should have upgraded away from
# long ago.  Courtesy mask ... time to upgrade.
# Added <sys-fs/e2fsprogs as well (halcy0n)
<sys-libs/e2fsprogs-libs-1.41.8
<sys-fs/e2fsprogs-1.41.9

# Robert Piasek <dagger@gentoo.org> (23 Feb 2010)
# Masking libmapi as it depends on masked samba4
>=net-libs/libmapi-0.9

# Peter Alfredsen <loki_val@gentoo.org> (21 Oct 2009)
# Masked because this needs a patch to be applied to portage
# to not install the kitchensink and everything else
# into /usr/src/debug with FEATURES=installsources
=dev-util/debugedit-4.4.6-r2

# Diego E. Pettenò <flameeyes@gmail.com> (09 Oct 2009)
# Untested yet; documented only in Russian, help is appreciated.
sys-auth/pam_keystore

# Diego E. Pettenò <flameeyes@gentoo.org> (08 Aug 2009)
#  on behalf of QA Team
#
# Mass-masking of live ebuilds; we cannot guarantee working state of
# live ebuilds, nor the availability of the server hosting them. As
# per QA team policy, all these need to be kept masked by default, if
# available in the tree.
~app-i18n/skk-jisyo-9999
=app-misc/sleepyhead-9999
=app-pda/libsyncml-9999
=app-pda/libopensync-9999
=app-pda/osynctool-9999
=app-pda/libopensync-plugin-file-9999
=app-pda/libopensync-plugin-gnokii-9999
=app-pda/libopensync-plugin-gpe-9999
=app-pda/libopensync-plugin-irmc-9999
=app-pda/libopensync-plugin-palm-9999
=app-pda/libopensync-plugin-python-9999
=app-pda/libopensync-plugin-syncml-9999
=app-pda/libopensync-plugin-vformat-9999
app-portage/layman-dbtools
=www-plugins/google-talkplugin-9999

# Tiziano Müller <dev-zero@gentoo.org> (08 Apr 2009)
# pre-releases
>=app-editors/gobby-0.4.91

# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-libs/cygwin
dev-util/mingw-runtime
dev-util/mingw64-runtime
dev-util/w32api
sys-libs/newlib
dev-embedded/msp430-binutils
dev-embedded/msp430-gcc
dev-embedded/msp430-gdb
dev-embedded/msp430-libc
dev-embedded/msp430mcu
dev-embedded/avr-libc

# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008)
# Masking due to security bug #194607 and security bug #204067
games-fps/doom3
games-fps/doom3-cdoom
games-fps/doom3-chextrek
games-fps/doom3-data
games-fps/doom3-demo
games-fps/doom3-ducttape
games-fps/doom3-eventhorizon
games-fps/doom3-hellcampaign
games-fps/doom3-inhell
games-fps/doom3-lms
games-fps/doom3-mitm
games-fps/doom3-phantasm
games-fps/doom3-roe
games-fps/quake4-bin
games-fps/quake4-data
games-fps/quake4-demo

# MATSUU Takuto <matsuu@gentoo.org> (05 Apr 2007)
# to be tested, seems unstable
>=app-i18n/scim-anthy-1.3.0

# Tavis Ormandy <taviso@gentoo.org> (21 Mar 2006)
# masked pending unresolved security issues #127167
games-roguelike/slashem

# Tavis Ormandy <taviso@gentoo.org> (21 Mar 2006)
# masked pending unresolved security issues #125902
games-util/hearse

# Robin H. Johnson <robbat2@gentoo.org> (11 Feb 2006)
# zlib interaction is badly broken. See bug #124733.
=dev-vcs/cvs-1.12.13*

# <klieber@gentoo.org> (01 Apr 2004)
# The following packages contain a remotely-exploitable
# security vulnerability and have been hard masked accordingly.
#
# Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info
#
games-fps/unreal-tournament-goty
games-fps/unreal-tournament-strikeforce
games-fps/unreal-tournament-bonuspacks
games-fps/aaut