path: root/profiles/package.mask

####################################################################
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
# careful not to commit atoms that are not valid, as it can cause large-scale
# breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (23 May 2015)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---
#
# Patrice Clement <monsieurp@gentoo.org> (05 Jul 2017)
# Part of the JRE since 1.6.
# Masked for removal in 30 days. Bug #553188.
java-virtual/jaf

# Matthias Schwarzott <zzam@gentoo.org> (03 Jul 2017)
# The snapshots got a wrong version number assigned.
# They are from before version 2.0.0. Masking them to force
# an update to version 2.0.0 as soon as it is added to the tree.
=media-plugins/vdr-xineliboutput-2.0.0_p20130821
=media-plugins/vdr-xineliboutput-2.0.0_p20150220

# Michał Górny <mgorny@gentoo.org> (02 Jul 2017)
# The eselect module has been integrated into app-shells/bash-completion
# and all the old versions (not having it) are gone. Removal in 14 days.
app-eselect/eselect-bashcomp

# Alon Bar-Lev <alonbl@gentoo.org> (01 Jul 2017)
# Unmaintained and segfaults.
# Masked for removal in 30 days. Bug#623276.
app-crypt/mdcrack

# Andreas Sturmlechner <asturm@gentoo.org> (01 Jul 2017)
# All revdeps have been ported to app-crypt/gpgme[cxx].
# Masked for removal in 30 days.
kde-apps/gpgmepp

# Andreas Sturmlechner <asturm@gentoo.org> (01 Jul 2017)
# Depends on vulnerable qtwebkit:4. Dead upstream.
# Masked for removal in 30 days. Bug #621558.
kde-misc/krecipes

# Michael Palimaka <kensington@gentoo.org> (01 Jul 2017)
# Depends on vulnerable qtwebkit:4. Dead upstream.
# Masked for removal in 30 days. Bug #620836.
media-gfx/picturewall

# Michael Palimaka <kensington@gentoo.org> (01 Jul 2017)
# Depends on vulnerable qtwebkit:4. Dead upstream.
# Masked for removal in 30 days. Bug #620704.
media-gfx/smile

# Michael Palimaka <kensington@gentoo.org> (01 Jul 2017)
# Depends on vulnerable qtwebkit:4. Dead upstream.
# Masked for removal in 30 days. Bug #620700.
kde-misc/semantik

# Michael Palimaka <kensington@gentoo.org> (01 Jul 2017)
# Depends on vulnerable qtwebkit:4. Dead upstream.
# Masked for removal in 30 days. Bug #620688.
app-cdr/acetoneiso

# Thomas Deutschmann <whissi@gentoo.org> (28 Jun 2017)
# New strip feature which is enabled by default causes genkernel
# to create unbootable kernel/initramfs images. Bug #622716
=sys-kernel/genkernel-3.5.1.0

# Mike Gilbert <floppym@gentoo.org> (24 Jun 2017)
# Obsolete package: use sys-apps/systemd[sysv-utils] instead.
# Removal in 30 days.
sys-apps/systemd-sysv-utils

# Hans de Graaff <graaff@gentoo.org> (23 Jun 2017)
# Mask ruby21-only packages for removal in 30 days
# Old slots that are ruby21-only
dev-ruby/prawn:1
dev-ruby/rspec:0
# ruby21-only package that does not work with current
# dev-ruby/parslet versions.
dev-ruby/toml
# ruby21-only, no maintainer, fails tests
www-apps/jekyll-paginate

# Patrice Clement <monsieurp@gentoo.org> (20 Jun 2017)
# Fails to build with Java 8. Project is active on Github yet ebuild has never
# been marked stable.
# Masked for removal in 30 days.
dev-java/jdbc-jaybird

# Andreas Sturmlechner <asturm@gentoo.org> (18 Jun 2017)
# No port to kf5 as nsplugin support is dropped everywhere.
# No more kdelibs-4 based kparts in tree to feed it with.
# Masked for removal in 30 days.
www-plugins/kpartsplugin

# Thomas Deutschmann <whissi@gentoo.org> (17 Jun 2017)
# Unmaintained in Gentoo repository; Multiple vulnerabilities
# People using VMware in Gentoo should switch to Gentoo's VMware overlay
# Bugs 619398, 621910, 616958, 536364, 614666, 612804 ...
app-emulation/vmware-workstation
app-emulation/vmware-player
app-emulation/vmware-modules
app-emulation/vmware-tools

# Pacho Ramos <pacho@gentoo.org> (17 Jun 2017)
# Not compatible with ffmpeg-3 (#602786), other bug reports and NPAPI
# plugins support in main browsers is dying. Removal in a month.
www-plugins/gnash

# Pacho Ramos <pacho@gentoo.org> (17 Jun 2017)
# Not compatible with ffmpeg-3 (#591946), neither builds without ffmpeg
# support (#607492) and NPAPI plugins are dying. Removal in a month.
www-plugins/lightspark

# Pacho Ramos <pacho@gentoo.org> (17 Jun 2017)
# Not compatible with ffmpeg-3 (#589806) and needs vulnerable qtwebkit:4
# (#620740). Removal in a month.
net-voip/homer

# Pacho Ramos <pacho@gentoo.org> (17 Jun 2017)
# Dead for ages, relies on google-code for fetching, not compatible with
# ffmpeg-3 neither with latest imagemagick (#575988). Removal in a month.
media-sound/gejengel

# Andreas Sturmlechner <asturm@gentoo.org> (15 Jun 2017)
# Last release 16.12.3, dropped upstream, never worked properly.
# Masked for removal in 30 days.
kde-apps/pim-storage-service-manager

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Fails to build, nothing needs it in the tree, bug #557450. Removal in a
# month.
dev-libs/radlib

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Relies on lots of dead old gnome libs, relies also on berlios.de and it is
# dead for more than 8 years, bug #537708. Removal in a month.
app-office/rubrica

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Not needed by anything in the tree, requires an obsolete texinfo version
# and is also the last consumer of gnat-gcc, bug #620982. Removal in a
# month.
sci-electronics/ghdl

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Not needed by anything in the tree, unmaintained and waiting for a major
# version bump if someone wants to take care of it, bug #474738. Removal in
# a month.
net-voip/gnugk

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# All consumers of this newer versions never got ported, if finally we need
# to readd a even newer version of this packages with an hypothetical newer
# Ekiga, we will need to work on new ebuilds anyway, bug #474740. Removal in
# a month.
#
# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (25 Jun 2013)
# Mask new ptlib/opal for breakage, tracked in bug #474742
# Lars Wendler <polynomial-c@gentoo.org> (29 Apr 2014)
# Adjusted mask so newer versions get covered as well.
>=net-libs/ptlib-2.12.0
>=net-libs/opal-3.12.0

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Not needed by anything in the tree, dead since 2006 and also needing our
# rpm package that is buggy and unmaintained, bug # 620986. Removal in a
# month.
app-emulation/domi

# Pacho Ramos <pacho@gentoo.org> (14 Jun 2017)
# Needs someone with the hardware to test how to install it (and its
# configuration files) properly. Dead since 2007, bug #493898. Removal in a
# month.
dev-lang/nqc

# Pawel Hajdan, Jr. <phajdan.jr@gentoo.org> (11 Jun 2017)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
>=www-client/chromium-61

# Raymond Jennings <shentino@gmail.com> (11 Jun 2017)
# Upstream announced EOL effective July 2017.
# Depends on qt4 which is being deprecated.
# Possible alternative is skypeforlinux,
# which uses the same account information but has different features.
# See bug #620722 and bug #608174.
dev-python/skype4py
media-sound/skype-call-recorder
net-im/skype
net-im/skypetab-ng

# Sergey Popov <pinkbyte@gentoo.org> (08 Jun 2017)
# Dead upstream, relies on ancient and vulnerable qtwebkit
# See bug #620690
# Removal in 30 days
app-editors/fb2edit

# Michał Górny <mgorny@gentoo.org> (07 Jun 2017)
# The new release changes API and *breaks* core Xfce components.
# Upstream lists xfce-base/xfce4-settings and xfce-base/xfce4-panel
# as being incompatible. The breakage is not exhibited at build time
# but results in broken executables. Masked until upstream releases
# fixed versions and for further testing.
>=xfce-base/xfconf-4.13
>=xfce-base/xfce4-settings-4.13.1

# Matthias Maier <tamiko@gentoo.org> (06 Jun 2017)
# Dead upstream, unmaintained, no homepage, no SRC_URI, x86-only, does not
# compile, bug #620964. Removal in 30 days.
app-text/7plus

# Michał Górny <mgorny@gentoo.org> (05 Jun 2017)
# Mask split *-sharp packages for removal. Replaced by combined:
# - >=dev-dotnet/gtk-sharp-2.12.21,
# - >=dev-dotnet/gnome-sharp-2.24.2-r1.
# Removal in 14 days.
<dev-dotnet/gtk-sharp-2.12.21
dev-dotnet/atk-sharp
dev-dotnet/gdk-sharp
dev-dotnet/glade-sharp
dev-dotnet/glib-sharp
dev-dotnet/gtk-dotnet-sharp
dev-dotnet/gtk-sharp-docs
dev-dotnet/gtk-sharp-gapi
dev-dotnet/pango-sharp
<dev-dotnet/gnome-sharp-2.24.2-r1
dev-dotnet/art-sharp
dev-dotnet/gconf-sharp

# Michał Górny <mgorny@gentoo.org> (05 Jun 2017)
# (on behalf of Treecleaner project)
# Unmaintained in Gentoo. The current Gentoo version no longer builds.
# Removal in 30 days. Bug #602820.
media-plugins/vdr-xineliboutput

# Michał Górny <mgorny@gentoo.org> (05 Jun 2017)
# (on behalf of Treecleaner project)
# Unmaintained in Gentoo. Multiple bugs, including a security
# vulnerability. Removal in 30 days. Bug #581960.
net-irc/atheme-services

# Hans de Graaff <graaff@gentoo.org> (05 Jun 2017)
# Bundles obsolete and vulnerable webkit version.
# Upstream has stopped development and recommends using
# headless mode in >=www-client/chromium-59.
# Masked for removal in 90 days. Bug #589994.
www-client/phantomjs
dev-ruby/poltergeist

# Andreas K. Hüttel <dilfridge@gentoo.org> (5 June 2017)
# Masked for initial testing.
=dev-lang/perl-5.26.0
=virtual/perl-Archive-Tar-2.240.0
=virtual/perl-B-Debug-1.240.0
=virtual/perl-CPAN-2.180.0
=virtual/perl-CPAN-Meta-2.150.10
=virtual/perl-Carp-1.420.0
=virtual/perl-Compress-Raw-Bzip2-2.74.0
=virtual/perl-Compress-Raw-Zlib-2.74.0
=virtual/perl-DB_File-1.840.0
=virtual/perl-Data-Dumper-2.167.0
=virtual/perl-Devel-PPPort-3.350.0
=virtual/perl-Digest-MD5-2.550.0
=virtual/perl-Digest-SHA-5.960.0
=virtual/perl-Encode-2.880.0
=virtual/perl-ExtUtils-MakeMaker-7.240.0
=virtual/perl-ExtUtils-ParseXS-3.340.0
=virtual/perl-File-Spec-3.670.0
=virtual/perl-Filter-Simple-0.930.0
=virtual/perl-Getopt-Long-2.490.0
=virtual/perl-HTTP-Tiny-0.70.0
=virtual/perl-I18N-LangTags-0.420.0
=virtual/perl-IO-1.380.0
=virtual/perl-IO-Compress-2.74.0
=virtual/perl-IO-Socket-IP-0.380.0
=virtual/perl-IPC-Cmd-0.960.0
=virtual/perl-JSON-PP-2.274.0.200_rc
=virtual/perl-Locale-Maketext-1.280.0
=virtual/perl-Math-BigInt-1.999.806-r1
=virtual/perl-Math-BigInt-FastCalc-0.500.500
=virtual/perl-Math-BigRat-0.261.100
=virtual/perl-Math-Complex-1.590.100
=virtual/perl-Module-Load-Conditional-0.680.0
=virtual/perl-Module-Metadata-1.0.33
=virtual/perl-Net-Ping-2.550.0
=virtual/perl-Parse-CPAN-Meta-2.150.10
=virtual/perl-Perl-OSType-1.10.0
=virtual/perl-Pod-Simple-3.350.0
=virtual/perl-Safe-2.400.0
=virtual/perl-Scalar-List-Utils-1.460.200_rc
=virtual/perl-Storable-2.620.0
=virtual/perl-Sys-Syslog-0.350.0
=virtual/perl-Term-ANSIColor-4.60.0
=virtual/perl-Term-ReadLine-1.160.0
=virtual/perl-Test-1.300.0
=virtual/perl-Test-Harness-3.380.0
=virtual/perl-Test-Simple-1.302.73
=virtual/perl-Thread-Queue-3.120.0
=virtual/perl-Thread-Semaphore-2.130.0
=virtual/perl-Time-HiRes-1.974.100
=virtual/perl-Time-Local-1.250.0
=virtual/perl-XSLoader-0.270.0
=virtual/perl-bignum-0.470.0
=virtual/perl-libnet-3.100.0
=virtual/perl-parent-0.236.0
=virtual/perl-podlators-4.90.0
=virtual/perl-threads-2.150.0
=virtual/perl-threads-shared-1.560.0
=virtual/perl-version-0.991.700
#
# The following masks are technically not part of the Perl 5.26 block,
# but with the unmasking of Perl 5.26 they become obsolete and can be
# removed:
#
>=perl-core/ExtUtils-MakeMaker-7.180.0
>=dev-perl/Net-Twitter-4.10.420
>=perl-core/Math-BigInt-1.999.726
>=dev-perl/Math-BigInt-GMP-1.600.0
=perl-core/Test-Simple-1.302.75
=virtual/perl-Test-Simple-1.302.75
dev-perl/Test2-Suite
>=dev-perl/Data-Validate-Domain-0.120.0
dev-perl/Test2-Plugin-NoWarnings
dev-perl/Params-ValidationCompiler
>=dev-perl/DateTime-Locale-1.60.0
>=dev-perl/DateTime-TimeZone-2.20.0
>=dev-perl/DateTime-1.370.0
>=dev-perl/DateTime-Format-Strptime-1.710.0
>=dev-perl/Log-Dispatch-2.590.0

# Michał Górny <mgorny@gentoo.org> (25 May 2017)
# First GTK+3 version with known regressions:
# https://mail.xfce.org/pipermail/xfce-announce/2017-May/000517.html
# Masked (+ reverse dependencies) for opt-in testing.
>=xfce-base/xfce4-panel-4.13

# Thomas Deutschmann <whissi@gentoo.org> (24 May 2017)
# Broken runscript/changed behavior causing lvm2 to fail
# on boot. Bug #617578
=sys-fs/lvm2-2.02.171

# Michał Górny <mgorny@gentoo.org> (22 May 2017)
# for Maciej S. Szmigiero <mail@maciej.szmigiero.name>
# Any version above 5.100.138 breaks b43 driver in various ways.
# Also, b43 wiki page says to use 5.100.138. Bug #541080.
>=sys-firmware/b43-firmware-6.30.163.46

# Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>,
# Matthias Maier <tamiko@gentoo.org> (21 May 2017)
# These old versions of toolchain packages (binutils, gcc, glibc) are no
# longer officially supported and are not suitable for general use. Using
# these packages can result in build failures (and possible breakage) for
# many packages, and may leave your system vulnerable to known security
# exploits.
#
# If you still use one of these old toolchain packages, please upgrade (and
# in case of gcc switch the compiler) ASAP. If you need them for a specific
# (isolated) use case, feel free to unmask them on your system.
<sys-devel/gcc-4.9
<sys-libs/glibc-2.23

# Michał Górny <mgorny@gentoo.org> (20 May 2017)
# Old versions of CUDA and their reverse dependencies. They do not
# support GCC 4.9+, and are really old.
<dev-python/pycuda-2016
<dev-util/nvidia-cuda-sdk-7
<dev-util/nvidia-cuda-toolkit-7
net-wireless/cpyrit-cuda

# Maciej Mrozowski <reavertm@gentoo.org> (18 May 2017)
# Experimental, most consumers does not support it yet
>=dev-games/openscenegraph-3.5.5
>=dev-games/openscenegraph-qt-3.5.5

# Eray Aslan <eras@gentoo.org> (17 May 2017)
# Functionality merged to cyrus-imapd-2.5.x series.
# cyrus-imapd-2.5.10 was stabilized in Jan 2017.  Upgrade
# if you haven't already done so.  Removal in 30 days.
net-mail/cyrus-imap-admin
dev-libs/cyrus-imap-dev
# Masking for end-user convenience.  Will be dropped once
# net-mail/cyrus-imap-admin and dev-libs/cyrus-imap-dev
# are tree cleaned.
=net-mail/cyrus-imapd-2.4*

# Bernard Cafarelli <voyageur@gentoo.org> (8 May 2017)
# Coordinated conversion to wxGTK:3.0-gtk3
# Drop mask after migration of existing wxGTK:3.0 users
# and wxGTK-3.0.3 bump in tree
>=net-ftp/filezilla-3.25.2-r1

# Zac Medico <zmedico@gentoo.org> (01 May 2017)
# Possible API incompatibilities, bug #617174.
# http://aiohttp.readthedocs.io/en/latest/migration.html
>=dev-python/aiohttp-2
>=dev-python/yarl-0.10

# Rick Farina <zerochaos@gentoo.org> (17 Apr 2017)
# Masking old versions because upstream changed versioning
# Please keep this mask for 1 year to ease upgrades for users
=app-crypt/hashcat-3.10-r1
=app-crypt/hashcat-3.30
=app-crypt/hashcat-3.40

# Aaron W. Swenson <titanofold@gentoo.org> (17 Apr 2017)
# Masked for removal by 17 May 2017. Past end of life. Susceptible to security
# bugs (603716 and 603720). Upgrade to latest version.
=dev-db/postgresql-9.1.24

# NP-Hardass <NP-Hardass@gentoo.org> (10 Apr 2017)
# Masked for testing
virtual/wine
app-eselect/eselect-wine
app-emulation/wine-desktop-common
app-emulation/wine-gecko
app-emulation/wine-mono
app-emulation/wine-vanilla
app-emulation/wine-staging
app-emulation/wine-d3d9
app-emulation/wine-any

# Yixun Lan <dlan@gentoo.org> (30 Mar 2017)
# Masked, broken due to emoji support which requre npm package installed (bug #612218)
=app-i18n/ibus-1.5.15

# Lars Wendler <polynomial-c@gentoo.org> (24 Mar 2017)
# Masked until Mozilla and Chrome agreed how to handle
# Symantec trust issues properly (bug #613714)
=app-misc/ca-certificates-20161130.3.30-r1

# Gnome Team <gnome@gentoo.org> (08 Mar 2017)
# GNOME 3.24 mask (#611270)
>=x11-themes/adwaita-icon-theme-3.23
>=app-accessibility/at-spi2-core-2.23
>=dev-libs/atk-2.23
>=dev-cpp/atkmm-2.25
>=sys-apps/baobab-3.23
>=media-gfx/eog-3.23
>=www-client/epiphany-3.23
>=gnome-extra/evolution-data-server-3.23
>=gnome-base/gdm-3.23
>=sci-geosciences/geocode-glib-3.23
>=dev-libs/gjs-1.47
>=dev-libs/glib-2.51
>=net-libs/phodav-2.2
>=dev-util/gdbus-codegen-2.51
>=dev-cpp/glibmm-2.51
>=x11-themes/gnome-backgrounds-3.23
>=gnome-extra/gnome-boxes-3.23
>=gnome-extra/gnome-calculator-3.23
>=gnome-extra/gnome-calendar-3.23
>=gnome-extra/gnome-clocks-3.23
>=gnome-base/gnome-control-center-3.23
>=gnome-base/gnome-desktop-3.23
>=sys-apps/gnome-disk-utility-3.23
>=gnome-extra/gnome-logs-3.23
>=sci-geosciences/gnome-maps-3.23
>=net-libs/gnome-online-accounts-3.23
>=media-gfx/gnome-photos-3.23
>=gnome-base/gnome-session-3.23
>=gnome-base/gnome-settings-daemon-3.23
>=gnome-base/gnome-shell-3.23
>=gnome-extra/gnome-shell-extensions-3.23
>=gnome-extra/gnome-software-3.23
>=gnome-extra/gnome-system-monitor-3.23
>=x11-terms/gnome-terminal-3.23
>=dev-libs/gobject-introspection-1.51
>=dev-libs/gobject-introspection-common-1.51
>=gnome-base/gsettings-desktop-schemas-3.23
>=app-text/gspell-1.3
>=net-libs/gtk-vnc-0.7
>=x11-libs/gtksourceview-3.23
>=gnome-base/gvfs-1.31
>=dev-libs/libgee-0.19
>=gnome-base/libgtop-2.35
>=net-libs/libsoup-2.57
>=x11-wm/mutter-3.23
>=gnome-base/nautilus-3.23
>=app-accessibility/orca-3.23
>=dev-cpp/pangomm-2.41
>=media-video/totem-3.23
>=app-misc/tracker-1.11
>=dev-lang/vala-0.35
>=x11-libs/vte-0.47
>=gnome-base/dconf-editor-3.23
>=dev-util/devhelp-3.23
>=mail-client/evolution-3.23
>=games-board/gnome-mines-3.23
>=media-sound/gnome-music-3.23
>=games-arcade/gnome-nibbles-3.23
>=games-puzzle/hitori-3.23
>=games-puzzle/lightsoff-3.23
>=net-irc/polari-3.23
>=net-misc/rygel-0.33
>=games-puzzle/swell-foop-3.23

# Alexis Ballier <aballier@gentoo.org> (03 Mar 2017)
# Beta release, some packages fail to build.
>=dev-lang/ocaml-4.05.0_beta2
>=dev-ml/camlp4-4.05
>=dev-ml/ppx_tools-5.0.4.05.0

# Eray Aslan <eras@gentoo.org> (01 Mar 2017)
# Mask experimental software
=mail-mta/postfix-3.3*

# Davide Pesavento <pesa@gentoo.org> (25 Feb 2017)
# Library name changed in 2.10, breaking many consumers.
# Needs full revdep testing.
>=dev-python/qscintilla-python-2.10
>=x11-libs/qscintilla-2.10

# Andreas K. Hüttel <dilfridge@gentoo.org> (8 June 2017)
# Dead upstream for >3 years. Closed source. Bundles outdated
# libraries that certainly have known security issues (e.g.,
# icu-36 (!) or curl). Does not start anymore but segfaults.
# Removal in 30 days.
app-text/acroread
media-fonts/acroread-asianfonts

# Michael Palimaka <kensington@gentoo.org> (19 Feb 2017)
# Revdeps need patching.
>=media-gfx/libopenraw-0.1.0

# Mart Raudsepp <leio@gentoo.org> (16 Feb 2017)
# Old gstreamer 0.10 version, which is security vulnerable.
# Use gstreamer:1.0 with media-plugins/gst-plugins-libav
# instead (despite the name, it uses media-video/ffmpeg too).
# Please keep this mask entry until gstreamer:0.10 is still
# in tree or at least gets an affecting GLSA from bug 601354
# Bug #594878.
media-plugins/gst-plugins-ffmpeg

# Kent Fredric <kentnl@gentoo.org> (04 Feb 2017)
# Unsecure versions that have been only restored to tree
# to resolve compatibility problems with mail-filter/amavisd-new
# Use with caution due to these being removed for CVE-2016-1251
# Bug: #601144
# Bug: #604678
<dev-perl/DBD-mysql-4.41.0

# Alon Bar-Lev <alonbl@gentoo.org> (06 Feb 2017)
# Needs openssl-1.1
>=dev-libs/opencryptoki-3.6

# Bernard Cafarelli <voyageur@gentoo.org> (30 Jan 2017)
# Alpha release with new features, masked for testing
=app-text/tesseract-4.00.00_alpha*

# Michał Górny <mgorny@gentoo.org> (26 Jan 2017)
# Pre-release, masked for testing. Major changes since 2.0.4,
# including dropped support for BlueZ 4.
=net-wireless/blueman-2.1_alpha*

# Yixun Lan <dlan@gentoo.org> (16 Jan 2017)
# Masked, Vulnerable due to RGW Denial of Service (bug #598206)
# We mask it instead of removing them, due user may need them while
# upgrade from old versions (<0.94.x)
<sys-cluster/ceph-10.2.3-r1

# Jeroen Roovers <jer@gentoo.org> (12 Jan 2017)
# Use x11-drivers/nvidia-drivers[tools] instead.
media-video/nvidia-settings

# Michael Orlitzky <mjo@gentoo.org> (07 Jan 2017)
# This package has some dangerous quality and security issues, but
# people may still find it useful. It is masked to prevent accidental
# use. See bugs 603346 and 604998 for more information.
app-admin/amazon-ec2-init

# Mart Raudsepp <leio@gentoo.org> (07 Jan 2017)
# No releases of this API version since March 2001, abandoned
# in favour of glib:2 for 14 years; bug 604966.
# Removed at 2017-02-08, mask kept for longer display to users.
dev-libs/glib:1

# Mart Raudsepp <leio@gentoo.org> (06 Jan 2017)
# No releases of this API version since April 2001, abandoned
# in favour of gtk+:2 for 14 years; bug 604862.
# Removed at 2017-02-08, mask kept for longer display to users.
x11-libs/gtk+:1

# Robin H. Johnson <robbat2@gentoo.org> (05 Jan 2017)
# Masking for testing
=app-emulation/ganeti-2.16*
=app-emulation/ganeti-2.17*

# Markos Chandras <hwoarang@gentoo.org> (10 Dec 2016)
# Reverse dependencies need testing, wrt bug #580760
>=net-libs/libtorrent-rasterbar-1.1.1

# Robin H. Johnson <robbat2@gentoo.org> (18 Nov 2016)
# Depends on slotted lua, 
# odd revisions are slotted lua, 
# even revisions are unslotted lua
=dev-db/redis-3.2.5-r1
=dev-db/redis-3.2.5-r5
=dev-db/redis-3.2.6-r1
=dev-db/redis-3.2.6-r5
=dev-db/redis-3.2.8-r1
=dev-db/redis-3.2.8-r3

# Ian Stakenvicius (17 Nov 2016)
# Does not honour LD_LIBRARY_PATH set in the environment, causing
# all mozilla packages to fail in src_install() when xpcshell is
# called in ${WORKDIR}, #580726
# Segfaults when creating directories #578582
=sys-apps/sandbox-2.11*

# Michał Górny <mgorny@gentoo.org> (17 Nov 2016)
# New version masked for testing. It supports source-window buffer size
# over 2G but it 'currently performs 3-5% slower and has 1-2% worse
# compression'.
>=dev-util/xdelta-3.1.0

# Tim Harder <radhermit@gentoo.org> (03 Nov 2016)
# Masked for testing
=sys-fs/fuse-3.0.0*

# Julian Ospald <hasufell@gentoo.org> (21 Jul 2013)
# Mask all unfetchable versions and those with tons of random
# bugs and segfaults (all). Don't ask for a version bump unless
# there is a working release.
sci-geosciences/googleearth

# Denis Dupeyron <calchan@gentoo.org> (12 Sep 2016)
# Masked for testing, see bug #588894.
=x11-misc/light-locker-1.7.0-r1

# Lars Wendler <polynomial-c@gentoo.org> (26 Aug 2016)
# Masked while being tested and reverse deps aren't fully compatible
=dev-libs/openssl-1.1*

# Brian Evans <grknight@gentoo.org> (18 Aug 2016)
# Mask new MariaDB alphas for testing
>=dev-db/mariadb-10.2.0

# Mike Gilbert <floppym@gentoo.org> (07 Aug 2016)
# Fails to switch cpufreq governor.
# https://bugs.gentoo.org/590780
~sys-power/cpupower-4.7.0

# Michał Górny <mgorny@gentoo.org> (18 Jul 2016)
# Pre-release of a complete rewrite, provided for early testing. Not all
# functionality is provided yet. Use --pretend to make sure correct
# files will be removed.
>=app-admin/eclean-kernel-1.99

# Chris Reffett <creffett@gentoo.org> (25 May 2016)
# The webkit-gtk:4 backend for Xiphos has known text display issues.
# Use at your own risk.
=app-text/xiphos-4.0.4-r1

# Richard Freeman <rich0@gentoo.org> (16 Apr 2016)
# Masked for extended testing, and porting of openrc scripts
# if necessary.
>=media-tv/mythtv-0.28
>=media-plugins/mythplugins-0.28
>=www-apps/mythweb-0.28

# James Le Cuirot <chewi@gentoo.org> (03 Apr 2016)
# Masking Spring Framework for the time being as 3.2.4 is old, has
# multiple vulnerabilities, and we're not likely to update it
# soon. Hopefully we can revisit it when the Maven stuff works out.
dev-java/spring-aop
dev-java/spring-beans
dev-java/spring-core
dev-java/spring-expression
dev-java/spring-instrument

# Andreas K. Hüttel <dilfridge@gentoo.org> (03 Apr 2016)
# Can exhaust all available memory depending on task
# but is made available for experts who heed this warning
# as newer versions produce different output. Contact
# the proxied maintainer Matthew Brewer <tomboy64@sina.cn>
# for questions.
<=media-gfx/slic3r-1.1.9999

# José María Alonso <nimiux@gentoo.org> (24 Mar 2016)
# Fails to build dev-lisp/sbcl-1.3.3 #563812
=dev-lisp/asdf-3.1.7
=dev-lisp/uiop-3.1.7

# Aaron Bauman <bman@gentoo.org> (19 Mar 2016)
# Unpatched security vulnerability per bug #512356.
=app-forensics/chkrootkit-0.49

# James Le Cuirot <chewi@gentoo.org> (07 Feb 2016)
# Masked until 2.0 final arrives, which hopefully won't depend on
# commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the
# tree should have actually been 2.0_beta1. There are no revdeps.
dev-java/jcs

# Andrey Grozin <grozin@gentoo.org> (04 Jan 2016)
# Needs a bump and substantial ebuild rewrite
=sci-mathematics/reduce-20110414-r1

# Michał Górny <mgorny@gentoo.org> (30 Oct 2015)
# Uses unsafe ioctls that could result in data corruption. Upstream
# is working on replacing them in the wip/dedup-syscall branch.
# Keep it masked until they are done. sys-fs/duperemove is
# the suggested replacement for the meantime.
sys-fs/bedup

# Ian Delaney <idella4@gentoo.org> (27 Oct 2015)
# fails to build dev-lisp/sbcl-1.2.16 #563812
# mgorny: dev-lisp/uiop as version-bound revdep
=dev-lisp/asdf-3.1.6
=dev-lisp/uiop-3.1.6

# Mike Pagano <mpagano@gentoo.org> (2 Oct 2015)
# A regression in kernel 4.1.9 could lead to a system
# lockup.  This has been fixed in gentoo-sources-4.1.9-r1
# and the hope is that this patch will make it to 4.1.10
# Expires (2 Oct 2017)
=sys-kernel/vanilla-sources-4.1.9
=sys-kernel/gentoo-sources-4.1.9

# Lars Wendler <polynomial-c@gentoo.org> (09 Sep 2015)
# Masked for testing.
>=net-fs/samba-4.6.0_rc1

# Lars Wendler <polynomial-c@gentoo.org> (20 Aug 2015)
# Releases are not from original upstream but from a fork.
# Masked as requested by vapier.
~net-misc/iputils-20160308
~net-misc/iputils-20161105

# Sebastian Pipping <sping@gentoo.org> (8 Aug 2015)
# Upcoming, too young to go into testing unmasked
dev-libs/iniparser:4

# Davide Pesavento <pesa@gentoo.org> (23 Jul 2015)
# Standalone version of qtwebkit from the 2.3 upstream branch.
# Needs revdep testing. Bug #388207.
=dev-qt/qtwebkit-4.10*

# Justin Lecher <jlec@gentoo.org> (28 Feb 2015)
# Unfixed security problems
# No upstream support anymore
# CVE-2015-{0219,0220,0221,0222,5145}
# CVE-2016-{9013,9014},CVE-2017-{7233,7234}
# #536586
# #554864
=dev-python/django-1.4*
=dev-python/django-1.5*
=dev-python/django-1.6*
=dev-python/django-1.7*
=dev-python/django-1.9*
# Not supported by any django version upstream supports
dev-python/south

# Tony Vroon <chainsaw@gentoo.org> (5 Jan 2015)
# Asterisk 13 is an LTS release but has not seen
# sufficient releases to be considered ready for
# production usage. You are welcome to have a go
# but please be careful.
=net-misc/asterisk-13*

# Jeroen Roovers <jer@gentoo.org> (12 Dec 2014)
# The 96 and 173 branches are no longer supported and remain vulnerable to
# CVE-2014-8298 (bug #532342). You may be able to mitigate the vulnerability by
# disabling GLX indirect rendering protocol support on the X server.
<x11-drivers/nvidia-drivers-304

# Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014)
# Masked for testing, presently fails upstream testsuite:
# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1
# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed.
# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1
=sys-libs/db-6.1*
=sys-libs/db-6.2*

# Ulrich Müller <ulm@gentoo.org> (15 Jul 2014)
# Permanently mask sys-libs/lib-compat and its reverse dependencies,
# pending multiple security vulnerabilities and QA issues.
# See bugs #515926 and #510960.
sys-libs/lib-compat
sys-libs/lib-compat-loki
games-action/mutantstorm-demo
games-action/phobiaii
games-fps/rtcw
games-fps/unreal
games-strategy/heroes3
games-strategy/heroes3-demo
games-strategy/smac

# Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014)
# Masked for proper testing. (Major updates in the code).
~dev-perl/PortageXS-0.2.12

# Hans de Graaff <graaff@gentoo.org> (1 Jun 2014)
# Mask new rubinius version for testing. This needs more work
# to fully integrate it in our Gentoo ruby handling. Volunteers
# welcome.
=dev-lang/rubinius-3*

# Matti Bickel <mabi@gentoo.org> (22 Apr 2014)
# Masked slotted lua for testing
# William Hubbs <williamh@gentoo.org> (07 Aug 2016)
# Taking this mask since Mabi is retired
# Rafael Martins <rafaelmartins@gentoo.org> (04 Dec 2016)
# Adding Lua 5.3 to mask
app-eselect/eselect-lua
=dev-lang/lua-5.1.5-r2
=dev-lang/lua-5.1.5-r100
=dev-lang/lua-5.2.3
=dev-lang/lua-5.2.3-r1
=dev-lang/lua-5.3.3

# Sergey Popov <pinkbyte@gentoo.org> (20 Mar 2014)
# Security mask of vulnerable versions, wrt bug #424167
<net-nds/openldap-2.4.35

# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Justin Lecher <jlec@gentoo.org> (14 Oct 2013)
# Seems to break all deps - API change?
>=sci-libs/metis-5

# Sergey Popov <pinkbyte@gentoo.org> (18 Sep 2013)
# Mask development releases of botan:
# - causes many API breakages
# - do not compile in some USE-flag combinations
# - requires at least gcc 4.7(and possibly even 4.8 for some features)
>=dev-libs/botan-1.11.0

# Michael Weber <xmw@gentoo.org> (17 Jul 2013)
# Upstream next versions
>=sys-boot/raspberrypi-firmware-1_pre

# Richard Freeman <rich0@gentoo.org> (24 Mar 2013)
# Contains known buffer overflows.  Package generally works
# but should not be fed untrusted input (eg from strangers).
# Masked to ensure users are aware before they install.
app-text/cuneiform

# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012)
# Masked for testing since this is known to break nearly
# every reverse dependency wrt bug 407091
>=dev-lang/lua-5.2.0

# Samuli Suominen <ssuominen@gentoo.org> (30 Oct 2011)
# Masked for security bug #294253, use only at your own risk!
=media-libs/fmod-3*

# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-libs/cygwin
dev-util/mingw-runtime
dev-util/mingw64-runtime
dev-util/w32api
sys-libs/newlib
dev-embedded/avr-libc

# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008)
# Masking due to security bug #194607 and security bug #204067
games-fps/doom3
games-fps/doom3-cdoom
games-fps/doom3-chextrek
games-fps/doom3-data
games-fps/doom3-demo
games-fps/doom3-ducttape
games-fps/doom3-eventhorizon
games-fps/doom3-hellcampaign
games-fps/doom3-inhell
games-fps/doom3-lms
games-fps/doom3-mitm
games-fps/doom3-roe
games-fps/quake4-bin
games-fps/quake4-data
games-fps/quake4-demo

# <klieber@gentoo.org> (01 Apr 2004)
# The following packages contain a remotely-exploitable
# security vulnerability and have been hard masked accordingly.
#
# Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info
#
games-fps/unreal-tournament-goty
games-fps/unreal-tournament-strikeforce
games-fps/unreal-tournament-bonuspacks
games-fps/aaut