diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /profiles/package.mask |
reinit the tree, so we can have metadata
Diffstat (limited to 'profiles/package.mask')
-rw-r--r-- | profiles/package.mask | 849 |
1 files changed, 849 insertions, 0 deletions
diff --git a/profiles/package.mask b/profiles/package.mask new file mode 100644 index 000000000000..8e46d08ee12f --- /dev/null +++ b/profiles/package.mask @@ -0,0 +1,849 @@ +#################################################################### +# +# When you add an entry to the top of this file, add your name, the date, and +# an explanation of why something is getting masked. Please be extremely +# careful not to commit atoms that are not valid, as it can cause large-scale +# breakage, especially if it ends up in the daily snapshot. +# +## Example: +## +## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012) +## # Masking these versions until we can get the +## # v4l stuff to work properly again +## =media-video/mplayer-0.90_pre5 +## =media-video/mplayer-0.90_pre5-r1 +# +# - Best last rites (removal) practices - +# Include the following info: +# a) reason for masking +# b) bug # for the removal (and yes you should have one) +# c) date of removal (either the date or "in x days") +# +## Example: +## +## # Dev E. Loper <developer@gentoo.org> (23 May 2015) +## # Masked for removal in 30 days. Doesn't work +## # with new libfoo. Upstream dead, gtk-1, smells +## # funny. (bug #987654) +## app-misc/some-package + +#--- END OF EXAMPLES --- + +# Aaron Bauman <bman@gentoo.org> (8 October 2017) +# severely vulnerable and unmaintained sources. +# Masked for removal in 30 days. Bug #627924 +sys-kernel/tuxonice-sources + +# Michał Górny <mgorny@gentoo.org> (05 Oct 2017) +# (on behalf of QA) +# Rogue version bumps that reintroduce QA violations that were fixed +# in #598527 and #598529, breaking the current verison +# of app-portage/eix as a result, #633424. Do not reintroduce without +# prior review from QA. +=app-shells/push-3.0 +=app-shells/quoter-4.0 + +# Andreas Sturmlechner <asturm@gentoo.org> (04 Oct 2017) +# Unmaintained KCM for a kcmshell that does not exist anymore. +# Depends on dead Qt4. Masked for removal in 30 days. Bug #629236 +x11-libs/compizconfig-backend-kconfig4 + +# Patrice Clement <elvis@magic.io> (01 Oct 2017) +# Mask Atom betas for testing. +app-editors/atom:beta + +# Michael Palimaka <kensington@gentoo.org> (01 Oct 2017) +# Fails to build (bug #622632). Requires dead and vulnerable qtwebkit4 +# (bug #620710). Masked for removal in 30 days. +media-sound/lastfm-desktop + +# Michael Palimaka <kensington@gentoo.org> (30 Sep 2017) +# Depends on dead qt4. Dead upstream. +# Masked for removal in 30 days. +net-misc/dnetstats + +# Michael Palimaka <kensington@gentoo.org> (30 Sep 2017) +# Depends on dead qt4. Dead upstream. +# Masked for removal in 30 days. +app-office/qcharselect + +# Michael Palimaka <kensington@gentoo.org> (30 Sep 2017) +# Blocks cleanup of dead and vulnerable qtwebkit4. +# Depends on dead qt4. Dead upstream. +# Masked for removal in 30 days. Bug #624244. +sci-chemistry/mongochem + +# Michael Palimaka <kensington@gentoo.org> (29 Sep 2017) +# Various regressions compared to previous release. +# Masked pending more information from upstream. +>=x11-misc/albert-0.13.0 + +# Michael Palimaka <kensington@gentoo.org> (26 Sep 2017) +# Requires dead Qt 4. Dead upstream. +# Masked for removal in 30 days. +kde-misc/konstruktor + +# Michael Palimaka <kensington@gentoo.org> (26 Sep 2017) +# Requires dead Qt 4. Dead upstream. +# Masked for removal in 30 days. +kde-misc/kookie + +# Andreas Sturmlechner <asturm@gentoo.org> (26 Sep 2017) +# Requires dead Qt 4. Dead upstream. Use media-sound/cantata +# instead, which originally started as a QtMPC fork but is +# much more advanced. Masked for removal in 30 days. +media-sound/qtmpc + +# Andreas K. Huettel <dilfridge@gentoo.org> (23 Sep 2017) +# Broken on Perl 5.26 (bug 623096), no fix in sight. No consumers. +# Removal in 30 days. +dev-perl/rpm-build-perl + +# Hans de Graaff <graaff@gentoo.org> (23 Sep 2017) Mask old +# unmaintained slots for removal in 30 days. Upgrade to the newer +# slots. +dev-ruby/capybara:0 +dev-ruby/xpath:0 + +# Bernard Cafarelli <voyageur@gentoo.org> (20 Sep 2017) +# Requires qt 5.8, not yet in tree. Bug #631570 +>=media-video/orion-1.6.0 + +# Michael Palimaka <kensington@gentoo.org> (21 Sep 2017) +# Requires dead Qt 4. Dead upstream. +# Masked for removal in 30 days. +media-libs/herqq + +# Patrice Clement <monsieurp@gentoo.org> (20 Sep 2017) +# Upstream has been dead for years. +# Masked for removal in 30 days. +dev-java/db4o-jdk5 +dev-java/db4o-jdk11 +dev-java/db4o-jdk12 + +# Andrey Grozin <grozin@gentoo.org> (19 Sep 2017) +# This package was a stopgap to bump dev-python/spyder to 3.* +# Now >=dev-python/rope-0.10.7 supports python3, use it instead +# Masked for removal in 30 days. +dev-python/rope_py3k + +# Pawel Hajdan, Jr. <phajdan.jr@gentoo.org> (18 Sep 2017) +# Dev channel releases are only for people who are developers or want more +# experimental features and accept a more unstable release. +>=www-client/chromium-63 + +# Kent Fredric <kentnl@gentoo.org> (18 Sep 2017) +# Dead upstream, requires Module::Install. May be kept +# if somebody can make an argument for it. Bug #631334 +# Masked for removal in 30 days. +dev-perl/PerlIO-via-symlink + +# Andreas Sturmlechner <asturm@gentoo.org> (16 Sep 2017) +# Unfortunately broken esp. with USE=python. Bugs #623780, #631064 +=sci-geosciences/qgis-2.18.12-r100 + +# Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) +# Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. +# Masked for removal in 30 days. Bug #628224. +app-editors/qwriter + +# Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) +# Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. +# Masked for removal in 30 days. Bug #628228. +dev-util/kscope + +# Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) +# Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. +# Masked for removal in 30 days. Bug #628230. +dev-util/monkeystudio + +# Michael Palimaka <kensington@gentoo.org> (11 Sep 2017) +# Requires dead Qt 4. Dead upstream. Fails to build with new x11-libs/qscintilla. +# Masked for removal in 30 days. Bug #628234. +dev-util/universalindentgui + +# Andreas Sturmlechner <asturm@gentoo.org> (10 Sep 2017) +# Requires dead Qt 4. Dead upstream. Does not work. +# Use net-misc/dropbox or kde-apps/dolphin-plugins instead. +# Masked for removal in 30 days. +kde-misc/kfilebox + +# Andreas Sturmlechner <asturm@gentoo.org> (10 Sep 2017) +# Requires dead Qt 4. Dead upstream. Unmaintained. +# Use media-video/kmplayer or kde-apps/dragon instead. +# Masked for removal in 30 days. +media-video/kplayer + +# Michael Palimaka <kensington@gentoo.org> (10 Sep 2017) +# Requires dead Qt 4. Dead upstream. Build failures. +# Bug #622548, #623574. Masked for removal in 30 days. +net-libs/qmf + +# Michael Palimaka <kensington@gentoo.org> (10 Sep 2017) +# Requires dead Qt 4. Dead upstream. Use Qt 5 instead. +# Depends on vulnerable gstreamer:0.10. +# Masked for removal in 30 days. +dev-qt/qt-mobility + +# Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) +# Requires dead Qt 4. Dead upstream. +# Masked for removal in 30 days. +app-text/kding + +# Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) +# Requires dead Qt 4. Dead upstream. Unmaintained. +# Masked for removal in 30 days. +sys-process/procexp + +# Michael Palimaka <kensington@gentoo.org> (09 Sep 2017) +# Requires dead Qt 4. Dead upstream. Unmaintained. +# Masked for removal in 30 days. +x11-apps/python-whiteboard + +# Patrice Clement <monsieurp@gentoo.org> (09 Sep 2017) +# Python 3 port is almost complete with version 0.6.0. Users might run into +# minor bumps here and there which is why the mask is still in place for the +# time being. +>=dev-java/javatoolkit-0.6.0 + +# Austin English <wizardedit@gentoo.org> (05 Sep 2017) +# Download has been broken for nearly a year, no alternative found +# Bug: https://bugs.gentoo.org/599390 +# Removal in 30 days +games-rpg/nwmouse +games-rpg/nwmovies +games-rpg/nwn +games-rpg/nwn-cep +games-rpg/nwn-data +games-rpg/nwn-penultima +games-rpg/nwn-penultimarerolled +games-rpg/nwn-shadowlordsdreamcatcherdemon + +# Gilles Dartiguelongue <eva@gentoo.org> (04 Sep 2017) +# Incompatible changes in API in Enchant 2. Bug #629838. +>=app-text/enchant-2 + +# Lars Wendler <polynomial-c@gentoo.org> (03 Sep 2017) +# Masked because a new object API was introduced which breaks consumers: +# https://cgit.freedesktop.org/poppler/poppler/commit/poppler/Object.h?id=9773c1534668d84b8267c3e5c9d612076fa231a5 +# See also our tracker bug: https://bugs.gentoo.org/629836 +>=app-text/poppler-0.58.0 + +# Gilles Dartiguelongue <eva@gentoo.org> (2 Sep 1017) +# Gnome 3.26 package mask +>=app-text/libgepub-0.5 + +# Aaron Bauman <bman@gentoo.org> (1 Sep 2017) +# vulnerable per bug #513818 and dead upstream +# net-analyzer/ntopng is available +net-analyzer/ntop + +# Anthony G. Basile <blueness@gentoo.org> (27 Aug 2017) +# Upstream is no longer providing public patches +sys-kernel/hardened-sources + +# Patrice Clement <monsieurp@gentoo.org> (23 Aug 2017) +# Packages depending on this library need to be tested first before +# it is unmasked. Possibly some slotting is still needed. +# Package testing tracked in bug #611022. +>=dev-libs/msgpack-1.4.2 + +# Hanno Boeck <hanno@gentoo.org> (21 Aug 2017) +# Open security bugs, no upstream, bug 628432 +# Alternatives: app-arch/libarchive, app-arch/unar +app-arch/unrar-gpl + +# Michał Górny <mgorny@gentoo.org> (20 Aug 2017) +# Pre-release of a new incompatible version that breaks the only reverse +# dependency in Gentoo. Masked until 2.0.0 proper is released, or +# dev-cpp/libjson-rpc-cpp is fixed, whichever happens first. +>=dev-cpp/catch-2 + +# Sébastien Fabbro <bicatali@gentoo.org> (19 Aug 2017) +# ipython-6 is python-3 only and causes circular dependencies +# Unset python_targets_python2_7 for ipykernel and ipyparallel if needed. +>=dev-python/ipython-6 + +# Michael Orlitzky <mjo@gentoo.org> (18 Aug 2017) +# Last version from 2011, and has a vulnerable init script +# (bug 603382). The proxy-maintainer is unknown to bugzilla, +# and the previous maintainer jmbsvicetto is OK with masking. +<net-misc/vde-2.3.2-r4 + +# Mats Lidell <matsl@gentoo.org> (17 Aug 2017) +# Masked ede and all its dependencies due to security reasons. +# bug #398241 +app-xemacs/ede +app-xemacs/semantic +app-xemacs/jde +app-xemacs/xslt-process +app-xemacs/xetla +app-xemacs/cogre +app-xemacs/ecb +app-xemacs/xemacs-packages-all + +# Lars Wendler <polynomial-c@gentoo.org> (06 Aug 2017) +# Masked for security reasons: +# https://bugs.gentoo.org/600214 +<app-emulation/virtualbox-5.0.40 +<app-emulation/virtualbox-additions-5.0.40 +<app-emulation/virtualbox-bin-5.0.40 +<app-emulation/virtualbox-extpack-oracle-5.0.40 +<app-emulation/virtualbox-guest-additions-5.0.40 +<app-emulation/virtualbox-modules-5.0.40 +<x11-drivers/xf86-video-virtualbox-5.0.40 + + +# Bernard Cafarelli <voyageur@gentoo.org> (04 Aug 2017) +# Temporary mask as current net-ftp/filezilla does not compile +# with it, bug #626292 +=dev-libs/libfilezilla-0.10.0 + +# Alexey Shvetsov <alexxy@gentoo.org> (26 Jul 2017) +# Its pre release so better to mask it +=media-gfx/freecad-0.17_pre* + +# Kent Fredric <kentnl@gentoo.org> (21 Jul 2017) +# Masked due to serious regression that introduces widespread data +# corruption when storing data in blobs. Masked, because any code +# that is written to use this version is now dependent on this version +# and older versions will corrupt your code instead. +# However, any existing packages should not use this version. +# See: https://github.com/perl5-dbi/DBD-mysql/issues/117 +=dev-perl/DBD-mysql-4.42.0 + +# Brian Evans <grknight@gentoo.org> (21 Jul 2017) +# Mask initial beta of PHP 7.2 for further testing +>=dev-lang/php-7.2.0_beta1 +=virtual/httpd-php-7.2 + +# Mikhail Pukhlikov <cynede@gentoo.org> (20 Jul 2017) +# Old mono/dotnet packages (used on GNOME2 stack) +# also some deprecated forks used for monodevelop +# awhile they are very unstable they will live in dotnet overlay +gnome-extra/docky +dev-dotnet/gnome-desktop-sharp +dev-dotnet/gtksourceview-sharp +dev-dotnet/rsvg-sharp +dev-dotnet/vte-sharp +dev-dotnet/wnck-sharp +dev-dotnet/xdt-for-monodevelop +dev-dotnet/nuget +dev-dotnet/referenceassemblies-pcl + +# Ian Stakenvicius <axs@gentoo.org> (19 Jul 2017) +# Mask spidermonkey:52 as it is a self-rolled release, no official +# release has been rolled. Is only committed to support development +# versions of gjs. Will unmask when gnome-3.26 is ready for testing +# or when upstream releases an official tarball. +dev-lang/spidermonkey:52 + +# Nicolas Bock <nicolasbock@gentoo.org> (17 Jul 2017) +# Keep shotwell development series masked. +>=media-gfx/shotwell-0.27 + +# Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) +# Doesn't work with >=openvpn-2.3, bug 470696 +# Fix is work in progress, see above bug. dilfridge@g.o +net-vpn/kvpnc + +# Pacho Ramos <pacho@gentoo.org> (14 Jul 2017) +# Randomly broken due to sys-devel/binutils-config bug (#584296). +# Unmask when it is finally fixed, so people can build the package. +dev-util/mutrace + +# Matthias Schwarzott <zzam@gentoo.org> (03 Jul 2017) +# The snapshots got a wrong version number assigned. +# They are from before version 2.0.0. Masking them to force +# an update to version 2.0.0 as soon as it is added to the tree. +=media-plugins/vdr-xineliboutput-2.0.0_p20130821 +=media-plugins/vdr-xineliboutput-2.0.0_p20150220 + +# Thomas Deutschmann <whissi@gentoo.org> (28 Jun 2017) +# New strip feature which is enabled by default causes genkernel +# to create unbootable kernel/initramfs images. Bug #622716 +=sys-kernel/genkernel-3.5.1.0 + +# Thomas Deutschmann <whissi@gentoo.org> (17 Jun 2017) +# Unmaintained in Gentoo repository; Multiple vulnerabilities +# People using VMware in Gentoo should switch to Gentoo's VMware overlay +# Bugs 619398, 621910, 616958, 536364, 614666, 612804 ... +app-emulation/vmware-workstation +app-emulation/vmware-player +app-emulation/vmware-modules +app-emulation/vmware-tools + +# Raymond Jennings <shentino@gmail.com> (11 Jun 2017) +# Upstream announced EOL effective July 2017. +# Depends on qt4 which is being deprecated. +# Possible alternative is skypeforlinux, +# which uses the same account information but has different features. +# See bug #620722 and bug #608174. +dev-python/skype4py +media-sound/skype-call-recorder +net-im/skype +net-im/skypetab-ng + +# Hans de Graaff <graaff@gentoo.org> (05 Jun 2017) +# Bundles obsolete and vulnerable webkit version. +# Upstream has stopped development and recommends using +# headless mode in >=www-client/chromium-59. +# Masked for removal in 90 days. Bug #589994. +www-client/phantomjs +dev-ruby/poltergeist + +# Andreas K. Hüttel <dilfridge@gentoo.org> (5 June 2017) +# Masked for initial testing. +=dev-lang/perl-5.26.0 +=dev-lang/perl-5.26.1 +=virtual/perl-Archive-Tar-2.240.0 +=virtual/perl-B-Debug-1.240.0 +=virtual/perl-CPAN-2.180.0 +=virtual/perl-CPAN-Meta-2.150.10 +=virtual/perl-Carp-1.420.0 +=virtual/perl-Compress-Raw-Bzip2-2.74.0 +=virtual/perl-Compress-Raw-Zlib-2.74.0 +=virtual/perl-DB_File-1.840.0 +=virtual/perl-Data-Dumper-2.167.0 +=virtual/perl-Devel-PPPort-3.350.0 +=virtual/perl-Digest-MD5-2.550.0 +=virtual/perl-Digest-SHA-5.960.0 +=virtual/perl-Encode-2.880.0 +=virtual/perl-ExtUtils-MakeMaker-7.240.0 +=virtual/perl-ExtUtils-ParseXS-3.340.0 +=virtual/perl-File-Spec-3.670.0 +=virtual/perl-Filter-Simple-0.930.0 +=virtual/perl-Getopt-Long-2.490.0 +=virtual/perl-HTTP-Tiny-0.70.0 +=virtual/perl-I18N-LangTags-0.420.0 +=virtual/perl-IO-1.380.0 +=virtual/perl-IO-Compress-2.74.0 +=virtual/perl-IO-Socket-IP-0.380.0 +=virtual/perl-IPC-Cmd-0.960.0 +=virtual/perl-JSON-PP-2.274.0.200_rc +=virtual/perl-Locale-Maketext-1.280.0 +=virtual/perl-Math-BigInt-1.999.806-r1 +=virtual/perl-Math-BigInt-FastCalc-0.500.500 +=virtual/perl-Math-BigRat-0.261.100 +=virtual/perl-Math-Complex-1.590.100 +=virtual/perl-Module-Load-Conditional-0.680.0 +=virtual/perl-Module-Metadata-1.0.33 +=virtual/perl-Net-Ping-2.550.0 +=virtual/perl-Parse-CPAN-Meta-2.150.10 +=virtual/perl-Perl-OSType-1.10.0 +=virtual/perl-Pod-Simple-3.350.0 +=virtual/perl-Safe-2.400.0 +=virtual/perl-Scalar-List-Utils-1.460.200_rc +=virtual/perl-Storable-2.620.0 +=virtual/perl-Sys-Syslog-0.350.0 +=virtual/perl-Term-ANSIColor-4.60.0 +=virtual/perl-Term-ReadLine-1.160.0 +=virtual/perl-Test-1.300.0 +=virtual/perl-Test-Harness-3.380.0 +=virtual/perl-Test-Simple-1.302.73 +=virtual/perl-Thread-Queue-3.120.0 +=virtual/perl-Thread-Semaphore-2.130.0 +=virtual/perl-Time-Local-1.250.0 +=virtual/perl-XSLoader-0.270.0 +=virtual/perl-bignum-0.470.0 +=virtual/perl-libnet-3.100.0 +=virtual/perl-parent-0.236.0 +=virtual/perl-podlators-4.90.0 +=virtual/perl-threads-2.150.0 +=virtual/perl-threads-shared-1.560.0 +=virtual/perl-version-0.991.700 +# +# The following masks are technically not part of the Perl 5.26 block, +# but with the unmasking of Perl 5.26 they become obsolete and can be +# removed: +# +>=perl-core/ExtUtils-MakeMaker-7.180.0 +>=dev-perl/Net-Twitter-4.10.420 +>=perl-core/Math-BigInt-1.999.726 +>=dev-perl/Math-BigInt-GMP-1.600.0 +=perl-core/Test-Simple-1.302.96 +=virtual/perl-Test-Simple-1.302.96 +dev-perl/Test2-Suite +>=dev-perl/Data-Validate-Domain-0.120.0 +dev-perl/Test2-Plugin-NoWarnings +dev-perl/Params-ValidationCompiler +dev-perl/Sub-Info +dev-perl/Term-Table +>=dev-perl/DateTime-Locale-1.60.0 +>=dev-perl/DateTime-TimeZone-2.20.0 +>=dev-perl/DateTime-1.370.0 +>=dev-perl/DateTime-Format-Strptime-1.710.0 +>=dev-perl/Log-Dispatch-2.590.0 +>=dev-perl/App-pwhich-1.150.0 + +# Thomas Deutschmann <whissi@gentoo.org> (24 May 2017) +# Broken runscript/changed behavior causing lvm2 to fail +# on boot. Bug #617578 +>=sys-fs/lvm2-2.02.171 + +# Michał Górny <mgorny@gentoo.org> (22 May 2017) +# for Maciej S. Szmigiero <mail@maciej.szmigiero.name> +# Any version above 5.100.138 breaks b43 driver in various ways. +# Also, b43 wiki page says to use 5.100.138. Bug #541080. +>=sys-firmware/b43-firmware-6.30.163.46 + +# Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>, +# Matthias Maier <tamiko@gentoo.org> (21 May 2017) +# These old versions of toolchain packages (binutils, gcc, glibc) are no +# longer officially supported and are not suitable for general use. Using +# these packages can result in build failures (and possible breakage) for +# many packages, and may leave your system vulnerable to known security +# exploits. +# If you still use one of these old toolchain packages, please upgrade (and +# switch the compiler / the binutils) ASAP. If you need them for a specific +# (isolated) use case, feel free to unmask them on your system. +<sys-devel/gcc-4.9 +<sys-libs/glibc-2.23-r4 +<sys-devel/binutils-2.28.1 + +# Michał Górny <mgorny@gentoo.org> (20 May 2017) +# Old versions of CUDA and their reverse dependencies. They do not +# support GCC 4.9+, and are really old. +<dev-python/pycuda-2016 +<dev-util/nvidia-cuda-sdk-7 +<dev-util/nvidia-cuda-toolkit-7 +net-wireless/cpyrit-cuda + +# Maciej Mrozowski <reavertm@gentoo.org> (18 May 2017) +# Experimental, most consumers does not support it yet +>=dev-games/openscenegraph-3.5.5 +>=dev-games/openscenegraph-qt-3.5.5 + +# Bernard Cafarelli <voyageur@gentoo.org> (8 May 2017) +# Coordinated conversion to wxGTK:3.0-gtk3 +# Drop mask after migration of existing wxGTK:3.0 users +# and wxGTK-3.0.3 bump in tree +>=net-ftp/filezilla-3.25.2-r1 + +# Zac Medico <zmedico@gentoo.org> (01 May 2017) +# Possible API incompatibilities, bug #617174. +# http://aiohttp.readthedocs.io/en/latest/migration.html +>=dev-python/aiohttp-2 +>=dev-python/yarl-0.10 + +# Rick Farina <zerochaos@gentoo.org> (17 Apr 2017) +# Masking old versions because upstream changed versioning +# Please keep this mask for 1 year to ease upgrades for users +=app-crypt/hashcat-3.10-r1 +=app-crypt/hashcat-3.30 +=app-crypt/hashcat-3.40 + +# Lars Wendler <polynomial-c@gentoo.org> (24 Mar 2017) +# Masked until Mozilla and Chrome agreed how to handle +# Symantec trust issues properly (bug #613714) +=app-misc/ca-certificates-20161130.3.30-r1 + +# Eray Aslan <eras@gentoo.org> (01 Mar 2017) +# Mask experimental software +=mail-mta/postfix-3.3* + +# Davide Pesavento <pesa@gentoo.org> (25 Feb 2017) +# Library name changed in 2.10, breaking many consumers. +# Needs full revdep testing. +>=dev-python/qscintilla-python-2.10 +>=x11-libs/qscintilla-2.10 +=app-editors/juffed-0.10_p20160323 + +# Mart Raudsepp <leio@gentoo.org> (16 Feb 2017) +# Old gstreamer 0.10 version, which is security vulnerable. +# Use gstreamer:1.0 with media-plugins/gst-plugins-libav +# instead (despite the name, it uses media-video/ffmpeg too). +# Please keep this mask entry until gstreamer:0.10 is still +# in tree or at least gets an affecting GLSA from bug 601354 +# Bug #594878. +media-plugins/gst-plugins-ffmpeg + +# Kent Fredric <kentnl@gentoo.org> (04 Feb 2017) +# Unsecure versions that have been only restored to tree +# to resolve compatibility problems with mail-filter/amavisd-new +# Use with caution due to these being removed for CVE-2016-1251 +# Bug: #601144 +# Bug: #604678 +<dev-perl/DBD-mysql-4.41.0 + +# Alon Bar-Lev <alonbl@gentoo.org> (06 Feb 2017) +# Needs openssl-1.1 +>=dev-libs/opencryptoki-3.6 + +# Bernard Cafarelli <voyageur@gentoo.org> (30 Jan 2017) +# Alpha release with new features, masked for testing +=app-text/tesseract-4.00.00_alpha* + +# Michał Górny <mgorny@gentoo.org> (26 Jan 2017) +# Pre-release, masked for testing. Major changes since 2.0.4, +# including dropped support for BlueZ 4. +=net-wireless/blueman-2.1_alpha* + +# Yixun Lan <dlan@gentoo.org> (16 Jan 2017) +# Masked, Vulnerable due to RGW Denial of Service (bug #598206) +# We mask it instead of removing them, due user may need them while +# upgrade from old versions (<0.94.x) +<sys-cluster/ceph-10.2.3-r1 + +# Jeroen Roovers <jer@gentoo.org> (12 Jan 2017) +# Use x11-drivers/nvidia-drivers[tools] instead. +media-video/nvidia-settings + +# Michael Orlitzky <mjo@gentoo.org> (07 Jan 2017) +# This package has some dangerous quality and security issues, but +# people may still find it useful. It is masked to prevent accidental +# use. See bugs 603346 and 604998 for more information. +app-admin/amazon-ec2-init + +# Mart Raudsepp <leio@gentoo.org> (07 Jan 2017) +# No releases of this API version since March 2001, abandoned +# in favour of glib:2 for 14 years; bug 604966. +# Removed at 2017-02-08, mask kept for longer display to users. +dev-libs/glib:1 + +# Mart Raudsepp <leio@gentoo.org> (06 Jan 2017) +# No releases of this API version since April 2001, abandoned +# in favour of gtk+:2 for 14 years; bug 604862. +# Removed at 2017-02-08, mask kept for longer display to users. +x11-libs/gtk+:1 + +# Robin H. Johnson <robbat2@gentoo.org> (05 Jan 2017) +# Masking for testing +=app-emulation/ganeti-2.16* +=app-emulation/ganeti-2.17* + +# Markos Chandras <hwoarang@gentoo.org> (10 Dec 2016) +# Reverse dependencies need testing, wrt bug #580760 +>=net-libs/libtorrent-rasterbar-1.1.1 + +# Michał Górny <mgorny@gentoo.org> (17 Nov 2016) +# New version masked for testing. It supports source-window buffer size +# over 2G but it 'currently performs 3-5% slower and has 1-2% worse +# compression'. +>=dev-util/xdelta-3.1.0 + +# Tim Harder <radhermit@gentoo.org> (03 Nov 2016) +# Masked for testing +=sys-fs/fuse-3.0.0* + +# Denis Dupeyron <calchan@gentoo.org> (12 Sep 2016) +# Masked for testing, see bug #588894. +=x11-misc/light-locker-1.7.0-r1 + +# Lars Wendler <polynomial-c@gentoo.org> (26 Aug 2016) +# Masked while being tested and reverse deps aren't fully compatible +=dev-libs/openssl-1.1* + +# Michał Górny <mgorny@gentoo.org> (18 Jul 2016) +# Pre-release of a complete rewrite, provided for early testing. Not all +# functionality is provided yet. Use --pretend to make sure correct +# files will be removed. +>=app-admin/eclean-kernel-1.99 + +# Chris Reffett <creffett@gentoo.org> (25 May 2016) +# The webkit-gtk:4 backend for Xiphos has known text display issues. +# Use at your own risk. +=app-text/xiphos-4.0.4-r1 + +# James Le Cuirot <chewi@gentoo.org> (03 Apr 2016) +# Masking Spring Framework for the time being as 3.2.4 is old, has +# multiple vulnerabilities, and we're not likely to update it +# soon. Hopefully we can revisit it when the Maven stuff works out. +dev-java/spring-aop +dev-java/spring-beans +dev-java/spring-core +dev-java/spring-expression +dev-java/spring-instrument + +# Andreas K. Hüttel <dilfridge@gentoo.org> (03 Apr 2016) +# Can exhaust all available memory depending on task +# but is made available for experts who heed this warning +# as newer versions produce different output. Contact +# the proxied maintainer Matthew Brewer <tomboy64@sina.cn> +# for questions. +<=media-gfx/slic3r-1.1.9999 + +# José María Alonso <nimiux@gentoo.org> (24 Mar 2016) +# Fails to build dev-lisp/sbcl-1.3.3 #563812 +=dev-lisp/asdf-3.1.7 +=dev-lisp/uiop-3.1.7 + +# James Le Cuirot <chewi@gentoo.org> (07 Feb 2016) +# Masked until 2.0 final arrives, which hopefully won't depend on +# commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the +# tree should have actually been 2.0_beta1. There are no revdeps. +dev-java/jcs + +# Andrey Grozin <grozin@gentoo.org> (04 Jan 2016) +# Needs a bump and substantial ebuild rewrite +=sci-mathematics/reduce-20110414-r1 + +# Michał Górny <mgorny@gentoo.org> (30 Oct 2015) +# Uses unsafe ioctls that could result in data corruption. Upstream +# is working on replacing them in the wip/dedup-syscall branch. +# Keep it masked until they are done. sys-fs/duperemove is +# the suggested replacement for the meantime. +sys-fs/bedup + +# Ian Delaney <idella4@gentoo.org> (27 Oct 2015) +# fails to build dev-lisp/sbcl-1.2.16 #563812 +# mgorny: dev-lisp/uiop as version-bound revdep +=dev-lisp/asdf-3.1.6 +=dev-lisp/uiop-3.1.6 + +# Mike Pagano <mpagano@gentoo.org> (2 Oct 2015) +# A regression in kernel 4.1.9 could lead to a system +# lockup. This has been fixed in gentoo-sources-4.1.9-r1 +# and the hope is that this patch will make it to 4.1.10 +# Expires (2 Oct 2017) +=sys-kernel/vanilla-sources-4.1.9 +=sys-kernel/gentoo-sources-4.1.9 + +# Lars Wendler <polynomial-c@gentoo.org> (20 Aug 2015) +# Releases are not from original upstream but from a fork. +# Masked as requested by vapier. +~net-misc/iputils-20160308 +~net-misc/iputils-20161105 + +# Sebastian Pipping <sping@gentoo.org> (8 Aug 2015) +# Upcoming, too young to go into testing unmasked +dev-libs/iniparser:4 + +# Davide Pesavento <pesa@gentoo.org> (23 Jul 2015) +# Standalone version of qtwebkit from the 2.3 upstream branch. +# Needs revdep testing. Bug #388207. +=dev-qt/qtwebkit-4.10* + +# Justin Lecher <jlec@gentoo.org> (28 Feb 2015) +# Unfixed security problems +# No upstream support anymore +# CVE-2015-{0219,0220,0221,0222,5145} +# CVE-2016-{9013,9014},CVE-2017-{7233,7234} +# #536586 +# #554864 +=dev-python/django-1.4* +=dev-python/django-1.5* +=dev-python/django-1.6* +=dev-python/django-1.7* +=dev-python/django-1.9* + +# Jeroen Roovers <jer@gentoo.org> (12 Dec 2014) +# The 96 and 173 branches are no longer supported and remain vulnerable to +# CVE-2014-8298 (bug #532342). You may be able to mitigate the vulnerability by +# disabling GLX indirect rendering protocol support on the X server. +<x11-drivers/nvidia-drivers-304 + +# Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014) +# Masked for testing, presently fails upstream testsuite: +# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1 +# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed. +# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1 +=sys-libs/db-6.1* +=sys-libs/db-6.2* + +# Ulrich Müller <ulm@gentoo.org> (15 Jul 2014) +# Permanently mask sys-libs/lib-compat and its reverse dependencies, +# pending multiple security vulnerabilities and QA issues. +# See bugs #515926 and #510960. +sys-libs/lib-compat +sys-libs/lib-compat-loki +games-action/mutantstorm-demo +games-action/phobiaii +games-fps/rtcw +games-fps/unreal +games-strategy/heroes3 +games-strategy/heroes3-demo +games-strategy/smac + +# Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014) +# Masked for proper testing. (Major updates in the code). +~dev-perl/PortageXS-0.2.12 + +# Hans de Graaff <graaff@gentoo.org> (1 Jun 2014) +# Mask new rubinius version for testing. This needs more work +# to fully integrate it in our Gentoo ruby handling. Volunteers +# welcome. +=dev-lang/rubinius-3* + +# Matti Bickel <mabi@gentoo.org> (22 Apr 2014) +# Masked slotted lua for testing +# William Hubbs <williamh@gentoo.org> (07 Aug 2016) +# Taking this mask since Mabi is retired +# Rafael Martins <rafaelmartins@gentoo.org> (04 Dec 2016) +# Adding Lua 5.3 to mask +app-eselect/eselect-lua +=dev-lang/lua-5.1.5-r2 +=dev-lang/lua-5.1.5-r100 +=dev-lang/lua-5.1.5-r101 +=dev-lang/lua-5.2.3 +=dev-lang/lua-5.2.3-r1 +=dev-lang/lua-5.2.3-r2 +=dev-lang/lua-5.3.3 +=dev-lang/lua-5.3.3-r1 + +# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014) +# Dev channel releases are only for people who are developers or want more +# experimental features and accept a more unstable release. +www-plugins/chrome-binary-plugins:unstable + +# Justin Lecher <jlec@gentoo.org> (14 Oct 2013) +# Seems to break all deps - API change? +>=sci-libs/metis-5 + +# Michael Weber <xmw@gentoo.org> (17 Jul 2013) +# Upstream next versions +>=sys-boot/raspberrypi-firmware-1_pre + +# Richard Freeman <rich0@gentoo.org> (24 Mar 2013) +# Contains known buffer overflows. Package generally works +# but should not be fed untrusted input (eg from strangers). +# Masked to ensure users are aware before they install. +app-text/cuneiform + +# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012) +# Masked for testing since this is known to break nearly +# every reverse dependency wrt bug 407091 +>=dev-lang/lua-5.2.0 + +# Samuli Suominen <ssuominen@gentoo.org> (30 Oct 2011) +# Masked for security bug #294253, use only at your own risk! +=media-libs/fmod-3* + +# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009) +# These packages are not supposed to be merged directly, instead +# please use sys-devel/crossdev to install them. +dev-libs/cygwin +dev-util/mingw-runtime +dev-util/mingw64-runtime +dev-util/w32api +sys-libs/newlib +dev-embedded/avr-libc + +# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008) +# Masking due to security bug #194607 and security bug #204067 +games-fps/doom3 +games-fps/doom3-cdoom +games-fps/doom3-chextrek +games-fps/doom3-data +games-fps/doom3-demo +games-fps/doom3-ducttape +games-fps/doom3-eventhorizon +games-fps/doom3-hellcampaign +games-fps/doom3-inhell +games-fps/doom3-lms +games-fps/doom3-mitm +games-fps/doom3-roe +games-fps/quake4-bin +games-fps/quake4-data +games-fps/quake4-demo + +# <klieber@gentoo.org> (01 Apr 2004) +# The following packages contain a remotely-exploitable +# security vulnerability and have been hard masked accordingly. +# +# Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info +# +games-fps/unreal-tournament-goty +games-fps/unreal-tournament-strikeforce +games-fps/unreal-tournament-bonuspacks +games-fps/aaut |