#################################################################### # $Id$ # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely # careful not to commit atoms that are not valid, as it can cause large-scale # breakage, especially if it ends up in the daily snapshot. # ## Example: ## ## # Dev E. Loper (28 Jun 2012) ## # Masking these versions until we can get the ## # v4l stuff to work properly again ## =media-video/mplayer-0.90_pre5 ## =media-video/mplayer-0.90_pre5-r1 # # - Best last rites (removal) practices - # Include the following info: # a) reason for masking # b) bug # for the removal (and yes you should have one) # c) date of removal (either the date or "in x days") # ## Example: ## ## # Dev E. Loper (23 May 2015) ## # Masked for removal in 30 days. Doesn't work ## # with new libfoo. Upstream dead, gtk-1, smells ## # funny. (bug #987654) ## app-misc/some-package #--- END OF EXAMPLES --- # Ulrich Müller (13 Jan 2017) # No longer maintained as a separate package. # Use sci-mathematics/maxima with USE=emacs instead. # Masked for removal in 30 days. Bug #448242. app-emacs/imaxima # Jeroen Roovers (12 Jan 2017) # Use x11-drivers/nvidia-drivers[tools] instead. media-video/nvidia-settings # Mike Gilbert (08 Jan 2017) # Masked pending testing and eclass/profile support. dev-lang/python:3.6 # Chris Reffett (08 Jan 2017) # Superseded by projectlibre-bin, please migrate to that. # Masked for removal in 30 days. app-office/openproj-bin # Michael Orlitzky (07 Jan 2017) # Places unauthenticated HTTP data into root's SSH authorized_keys # file. Nope. Masked for removal in 30 days. Bug 603346. app-admin/amazon-ec2-init # Mart Raudsepp (07 Jan 2017) # No releases of this API version since March 2001, abandoned # in favour of glib:2 for 14 years. # Marked for removal in 30 days. Bug 604966. dev-libs/glib:1 # Michael Orlitzky (06 Jan 2017) # Dead templating projects, you should move to something # like dev-php/smarty or dev-php/twig instead. # Masked for removal in 30 days. Bug 604884. dev-php/Savant2 dev-php/Savant3 dev-php/Savant3-Plugin-Form # Mart Raudsepp (06 Jan 2017) # No releases of this API version since April 2001, abandoned # in favour of gtk+:2 for 14 years. # Masked for removal in 30 days. Bug 604862. x11-libs/gtk+:1 # Robin H. Johnson (05 Jan 2017) # Masking for testing =app-emulation/ganeti-2.16* =app-emulation/ganeti-2.17* # Michael Orlitzky (02 Jan 2017) # Ancient version, dead upstream, no homepage, experiencing # build failures, no reverse dependencies -- we've hit all # the checkboxes. Masked for removal in 30 days. Bug 604464. dev-php/PHPonTrax # Michael Orlitzky (02 Jan 2017) # Ancient versions long forgotten by upstream, and # now experiencing build problems. Masked for removal # in 30 days. Bug 604462. dev-php/propel dev-php/propel-generator dev-php/propel-runtime # Daniel Campbell (02 Jan 2017) # Google Code shutdown and change of versioning scheme # needs 'old' versions masked (v94 -> v1.0.0) # Masked for removal in 30 days. =x11-misc/alock-94 =x11-misc/alock-94-r1 =x11-misc/alock-94-r2 # David Seifert (29 Dec 2016) # Ancient codebase, maintenance nightmare, dead # upstream, games-emulation/vbam is spiritual successor # Removal in 30 days, #598607 games-emulation/visualboyadvance # Hans de Graaff (13 Dec 2016) # Mask Rails 4.1.x for removal. # This version of Rails has not been supported upstream since Rails # 5.0.0 came out and its security can no longer be guaranteed. # Masked for removal in 30 days. dev-ruby/rails:4.1 dev-ruby/railties:4.1 dev-ruby/activerecord:4.1 dev-ruby/actionmailer:4.1 dev-ruby/actionpack:4.1 dev-ruby/actionview:4.1 dev-ruby/activemodel:4.1 dev-ruby/activesupport:4.1 # Still depends on Rails 4.1 for testing =dev-ruby/dalli-2.7.4 # Still depends on activerecord:4.1. No newer upstream version that # depends on a newer version. net-misc/termtter # David Seifert (27 Dec 2016) # New release, masked to iron out bugs >=dev-util/boost-build-1.63.0 >=dev-libs/boost-1.63.0 # David Seifert (27 Dec 2016) # Fails with more recent boost, dead upstream (bug #600548). dev-cpp/luabind games-rpg/valyriatear # Johannes Huber (25 Dec 2016) # Masked for removal in 30 days. Dead upstream. No reverse dependencies. # No maintainer. Was introduced for media-sound/tomahwak. Uses deprecated # EAPI. net-libs/qtweetlib # Göktürk Yüksek (22 Dec 2016) # Dead upstream, no more hosted on googlecode # No reverse dependencies. Masked for removal in 30 days. app-admin/phpsyslogng # David Seifert (20 Dec 2016) # Masked for being completely broken and unusable (bug 586356). # No reverse dependencies. Masked for removal in 30 days. net-analyzer/snips # Tim Harder (12 Dec 2016) # Outdated and broken in the tree. # Masked for removal in 30 days. dev-util/aap # Markos Chandras (11 Dec 2016) # Dead upstream, no maintainer and it hasn't been bumped # since 2013. Masking for removal in 30 days (wrt bug #489878) sys-power/powerman # Mike Gilbert (10 Dec 2016) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. >=www-client/chromium-57 # Markos Chandras (10 Dec 2016) # Reverse dependencies need testing, wrt bug #580760 >=net-libs/rb_libtorrent-1.1.1 # Brian Evans (09 Dec 2016) # Masked for removal, wrt bug 602164. # See https://github.com/PHP-FFMpeg/PHP-FFMpeg for a code based replacement dev-php/ffmpeg-php # Tim Harder (09 Dec 2016) # Masked for removal, use media-gfx/gmic[gimp] instead. media-plugins/gimp-gmic # Hans de Graaff (07 Dec 2016) # Mask ruby 2.0 for removal, bug 576034 dev-lang/ruby:2.0 # Kent Fredric (19 Nov 2016) # virtual/perl-MathBigInt-1.999.726+ Mask Block # Will likely not be unmasked until future Perls # include equivalent versions to avoid complications with virtuals >=virtual/perl-Math-BigInt-1.999.726 >=perl-core/Math-BigInt-1.999.726 >=dev-perl/Math-BigInt-GMP-1.600.0 # Robin H. Johnson (18 Nov 2016) # Depends on slotted lua =dev-db/redis-3.2.5-r1 # Ian Stakenvicius (17 Nov 2016) # Does not honour LD_LIBRARY_PATH set in the environment, causing # all mozilla packages to fail in src_install() when xpcshell is # called in ${WORKDIR}, #580726 # Segfaults when creating directories #578582 =sys-apps/sandbox-2.11* # Michał Górny (17 Nov 2016) # New version masked for testing. It supports source-window buffer size # over 2G but it 'currently performs 3-5% slower and has 1-2% worse # compression'. >=dev-util/xdelta-3.1.0 # Chí-Thanh Christopher Nguyễn (16 Nov 2016) # Mask until drivers are fixed or adjusted to depend on older versions #599976 =x11-base/xorg-drivers-1.19* =x11-base/xorg-server-1.19* # Gilles Dartiguelongue (12 Nov 2016) # Keep shotwell development series masked. >=media-gfx/shotwell-0.25 # Tim Harder (03 Nov 2016) # Masked for testing =sys-fs/fuse-3.0.0* # Sergey Popov (01 Nov 2016) # Project is dead. # Please migrate to it's successor - net-misc/bgpq3 net-misc/bgpq # Julian Ospald (21 Jul 2013) # Mask all unfetchable versions and those with tons of random # bugs and segfaults (all). Don't ask for a version bump unless # there is a working release. sci-geosciences/googleearth # Denis Dupeyron (12 Sep 2016) # Masked for testing, see bug #588894. =x11-misc/light-locker-1.7.0-r1 # Lars Wendler (06 Sep 2016) # Breaks samba's nmbd process (bug #592502) # Masked the possible fixed samba version until more testing has been performed. >=sys-libs/tevent-0.9.30 >=sys-libs/ldb-1.1.29 # Ian Stakenvicius (31 Aug 2016) # Mask old versions of thunderbird as they are no longer supported, # but we keep them in the repo for now in case there is a need # for them for upgrading old user profiles, etc. ~mail-client/thunderbird-24.8.0 ~mail-client/thunderbird-31.8.0 ~mail-client/thunderbird-38.8.0 # Lars Wendler (26 Aug 2016) # Masked while being tested and reverse deps aren't fully compatible =dev-libs/openssl-1.1* # Pacho Ramos (21 Aug 2016) # Security issues (#562898) =app-admin/lsyncd-2.1.5 # Brian Evans (18 Aug 2016) # Mask new MariaDB alphas for testing >=dev-db/mariadb-10.2.0 # Mike Gilbert (07 Aug 2016) # Fails to switch cpufreq governor. # https://bugs.gentoo.org/590780 ~sys-power/cpupower-4.7.0 # Michał Górny (7 Aug 2016) # Issue with thunar detailed view # Masked for more restrictive testing. =xfce-base/exo-0.11.1 # Alexis Ballier <2 Aug 2016> # Doesn't install .so, causing all its revdeps to fail to build. # Doesn't honour USE=static-libs. # Bugs #590272, #590270, #590268, #590266 etc. =sci-libs/fftw-3.3.5 # Michał Górny (18 Jul 2016) # Pre-release of a complete rewrite, provided for early testing. Not all # functionality is provided yet. Use --pretend to make sure correct # files will be removed. >=app-admin/eclean-kernel-1.99 # Kent Fredric (16 Jul 2016) # Test2/Test-Simple-1.301 Block # Radically changed upstream and is critical to all Perl modules. # Masked for extended testing. # Will likely not be unmasked till equivalent versions ship in Perl itself. >=perl-core/Test-Simple-1.301.0 >=virtual/perl-Test-Simple-1.301.0 dev-perl/Test2-Suite >=dev-perl/Data-Validate-Domain-0.120.0 dev-perl/Test2-Plugin-NoWarnings dev-perl/Params-ValidationCompiler >=dev-perl/DateTime-Locale-1.60.0 >=dev-perl/DateTime-TimeZone-2.20.0 >=dev-perl/DateTime-1.370.0 # Mike Pagano (15 Jul 2016) # These two kernels have a serious OOM regression # Fix in 4.1.28-r1 and 3.18.37-r1 =sys-kernel/gentoo-sources-3.18.37 =sys-kernel/gentoo-sources-4.1.28-r1 =sys-kernel/gentoo-sources-4.1.28 # Andrew Savchenko (09 Jul 2016) # Vulnerable due to wrong suid binary permissions (#345337) (30 Jun 2016) # Unpatched security vulnerability per bug #509920 www-apps/egroupware # Michał Górny (27 Jun 2016) # (on behalf of QA & proxy-maint) # Major QA violations, bug #587342 (#585722 in particular). games-emulation/ppsspp # Aaron Bauman (26 Jun 2016) # Unpatched security vulnerability per bug #475120 media-video/motion # Chris Reffett (25 May 2016) # The webkit-gtk:4 backend for Xiphos has known text display issues. # Use at your own risk. =app-text/xiphos-4.0.4-r1 # Luca Barbato (23 May 2016) # Masked for testing, vlc-2.2 configure rejects it. =media-video/libav-12* # Kent Fredric (15 May 2016) # Andreas K. Hüttel (21 May 2016) # Has been broken since app-arch/rar-5.0.0 due to List() # format changing. Will require upstream revision bump # or some helpful person to supply a parser patch. # Bug #483888 <=dev-perl/Archive-Rar-2.20.0-r1 # Lars Wendler (2 May 2016) # Broken reverse deps. At least one header file has been moved around. >=media-gfx/imagemagick-7.0.1.0 # Andreas K. Hüttel (16 Apr 2016) # Masked because of security bug 580210 =www-misc/monitorix-3.6.0 =www-misc/monitorix-3.8.1 # Richard Freeman (16 Apr 2016) # Masked for extended testing, and porting of openrc scripts # if necessary. >=media-tv/mythtv-0.28 >=media-plugins/mythplugins-0.28 >=www-apps/mythweb-0.28 # Patrick Lauer (05 Apr 2016) # --configtest is broken, mask until 2.3.1 release =app-admin/logstash-bin-2.3.0* # James Le Cuirot (03 Apr 2016) # Masking Spring Framework for the time being as 3.2.4 is old, has # multiple vulnerabilities, and we're not likely to update it # soon. Hopefully we can revisit it when the Maven stuff works out. dev-java/spring-aop dev-java/spring-beans dev-java/spring-core dev-java/spring-expression dev-java/spring-instrument # Andreas K. Hüttel (03 Apr 2016) # Can exhaust all available memory depending on task # but is made available for experts who heed this warning # as newer versions produce different output. Contact # the proxied maintainer Matthew Brewer # for questions. <=media-gfx/slic3r-1.1.9999 # José María Alonso (24 Mar 2016) # Fails to build dev-lisp/sbcl-1.3.3 #563812 =dev-lisp/asdf-3.1.7 =dev-lisp/uiop-3.1.7 # Aaron Bauman (19 Mar 2016) # Unpatched security vulnerability per bug #512356. =app-forensics/chkrootkit-0.49 # Patrick Lauer (22 Feb 2016) # Inactive upstream, build failures, obsoleted by rakudo/perl6 dev-lang/niecza dev-lang/niecza-bin # Eray Aslan (22 Feb 2016) # Mask experimental software =mail-mta/postfix-3.2* # James Le Cuirot (07 Feb 2016) # Masked until 2.0 final arrives, which hopefully won't depend on # commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the # tree should have actually been 2.0_beta1. There are no revdeps. dev-java/jcs # Mike Frysinger (18 Jan 2016) # Force people to migrate to the new combined libraries: # media-libs/elementary & dev-libs/efl. #571796 app-benchmarks/expedite dev-games/etrophy dev-libs/ecore dev-libs/edbus dev-libs/eet dev-libs/eeze dev-libs/efreet dev-libs/eina dev-libs/eio dev-libs/embryo dev-libs/eobj dev-libs/ephysics media-libs/edje media-libs/emotion media-libs/ethumb media-libs/evas x11-plugins/echievements # Andreas K. Hüttel (9 Jan 2016) # Errorneously added. Is already in perl-core. Please uninstall. dev-perl/ExtUtils-Constant # Andrey Grozin (04 Jan 2016) # Needs a bump and substantial ebuild rewrite =sci-mathematics/reduce-20110414-r1 # Victor Ostorga (30 Dec 2015) # Mask this liferea version because upstream released it broken =net-news/liferea-1.10.17 # Michał Górny (30 Oct 2015) # Uses unsafe ioctls that could result in data corruption. Upstream # is working on replacing them in the wip/dedup-syscall branch. # Keep it masked until they are done. sys-fs/duperemove is # the suggested replacement for the meantime. sys-fs/bedup # Ian Delaney (27 Oct 2015) # fails to build dev-lisp/sbcl-1.2.16 #563812 # mgorny: dev-lisp/uiop as version-bound revdep =dev-lisp/asdf-3.1.6 =dev-lisp/uiop-3.1.6 # Justin Lecher (23 Oct 2015) # Breaking changes #563540 =app-text/ghostscript-gpl-9.18 # Mike Pagano (2 Oct 2015) # A regression in kernel 4.1.9 could lead to a system # lockup. This has been fixed in gentoo-sources-4.1.9-r1 # and the hope is that this patch will make it to 4.1.10 # Expires (2 Oct 2017) =sys-kernel/vanilla-sources-4.1.9 =sys-kernel/gentoo-sources-4.1.9 # Andreas K. Huettel (19 Sep 2015) # Masked for security reasons, bugs 516044, 552644 # Keeping it in the tree for now for users who cannot upgrade # (commercial product, separate licenses for major versions) =app-emulation/vmware-workstation-9* =app-emulation/vmware-modules-271* # Lars Wendler (09 Sep 2015) # Masked for testing >=net-fs/samba-4.3.0 # Lars Wendler (20 Aug 2015) # Releases are not from original upstream but from a fork. # Masked as requested by vapier. ~net-misc/iputils-20160308 # Sebastian Pipping (8 Aug 2015) # Upcoming, too young to go into testing unmasked dev-libs/iniparser:4 # Davide Pesavento (23 Jul 2015) # Standalone version of qtwebkit from the 2.3 upstream branch. # Needs revdep testing. Bug #388207. =dev-qt/qtwebkit-4.10* # Ian Delaney (21 Jul 2015) # The revbump has versions of lua which are also masked. # Masked until those slotted versions are unmasked =sys-apps/roccat-tools-3.5.0-r1 # Ben de Groot (20 Jul 2015) # Version bump is a WIP, see bug #524242 # It works (except USE=vamp) but is not up to Gentoo standards yet >=media-sound/audacity-2.1.1 # Patrick Lauer (1 Jul 2015) # Wrong version #553670 =sys-kernel/gentoo-sources-4.1.1 # Patrick Lauer (14 Jun 2015) # Has race condition / failure modes that make systems unusable # See #551724 and duplicates =sys-fs/udev-init-scripts-29 # Justin Lecher (28 Feb 2015) # Unfixed security problems # No upstream support anymore # CVE-2015-{0219,0220,0221,0222,5145} # #536586 # #554864 =dev-python/django-1.4* =dev-python/django-1.5* =dev-python/django-1.6* # Not supported by any django version upstream supports dev-python/south # Tony Vroon (5 Jan 2015) # Asterisk 13 is an LTS release but has not seen # sufficient releases to be considered ready for # production usage. You are welcome to have a go # but please be careful. =net-misc/asterisk-13* # Jeroen Roovers (12 Dec 2014) # The 96 and 173 branches are no longer supported and remain vulnerable to # CVE-2014-8298 (bug #532342). You may be able to mitigate the vulnerability by # disabling GLX indirect rendering protocol support on the X server. (28 Aug 2014) # Security mask, wrt bug #519650 # If your application is broken due to this mask, # please file a separate bug report (04 Aug 2014) # Masked for testing, presently fails upstream testsuite: # FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1 # FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed. # FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1 =sys-libs/db-6.1* =sys-libs/db-6.2* # Ulrich Müller (15 Jul 2014) # Permanently mask sys-libs/lib-compat and its reverse dependencies, # pending multiple security vulnerabilities and QA issues. # See bugs #515926 and #510960. sys-libs/lib-compat sys-libs/lib-compat-loki games-action/mutantstorm-demo games-action/phobiaii games-fps/rtcw games-fps/unreal games-strategy/heroes3 games-strategy/heroes3-demo games-strategy/smac sys-block/afacli # Mikle Kolyada (27 Jun 2014) # Masked for proper testing. (Major updates in the code). ~dev-perl/PortageXS-0.02.12 ~dev-perl/PortageXS-0.2.12 # Robin H. Johnson (21 Jun 2014) # Needs work, but infra needs it for new VM boxes app-emulation/openstack-guest-agents-unix app-emulation/xe-guest-utilities # Hans de Graaff (1 Jun 2014) # Mask new rubinius version for testing. This needs more work # to fully integrate it in our Gentoo ruby handling. Volunteers # welcome. =dev-lang/rubinius-3* # Tom Wijsman (03 May 2014) # Needs to be further tested and revised by both Java and Ruby herds. >=dev-java/jruby-1.7.12 dev-ruby/bitescript dev-ruby/duby dev-ruby/weakling # Matti Bickel (22 Apr 2014) # Masked slotted lua for testing # William Hubbs (07 Aug 2016) # Taking this mask since Mabi is retired # Rafael Martins (04 Dec 2016) # Adding Lua 5.3 to mask app-eselect/eselect-lua =dev-lang/lua-5.1.5-r2 =dev-lang/lua-5.1.5-r100 =dev-lang/lua-5.2.3 =dev-lang/lua-5.2.3-r1 =dev-lang/lua-5.3.3 # Sergey Popov (20 Mar 2014) # Security mask of vulnerable versions, wrt bug #424167 (04 Mar 2014) # Dev channel releases are only for people who are developers or want more # experimental features and accept a more unstable release. www-plugins/chrome-binary-plugins:unstable # Justin Lecher (14 Oct 2013) # Seems to break all deps - API change? >=sci-libs/metis-5 # Sergey Popov (18 Sep 2013) # Mask development releases of botan: # - causes many API breakages # - do not compile in some USE-flag combinations # - requires at least gcc 4.7(and possibly even 4.8 for some features) >=dev-libs/botan-1.11.0 # Michael Weber (17 Jul 2013) # Upstream next versions >=sys-boot/raspberrypi-firmware-1_pre # Julian Ospald (26 Jun 2013) # Depends on masked dev-lang/lua-5.2 =games-emulation/sdlmame-0.149 =games-emulation/sdlmess-0.149 # Chí-Thanh Christopher Nguyễn (25 Jun 2013) # Mask new ptlib/opal for breakage, tracked in bug #474742 # Lars Wendler (29 Apr 2014) # Adjusted mask so newer versions get covered as well. >=net-libs/ptlib-2.12.0 >=net-libs/opal-3.12.0 # Pacho Ramos (15 Jun 2013) # Upstream stalled, improper rendering (#470818), # use app-editors/efte instead. =app-editors/fte-20110708 # Michael Weber (18 Apr 2013) # Masked due test failures =app-arch/advancecomp-1.17 # Richard Freeman (24 Mar 2013) # Contains known buffer overflows. Package generally works # but should not be fed untrusted input (eg from strangers). # Masked to ensure users are aware before they install. app-text/cuneiform # Samuli Suominen (06 Mar 2012) # Masked for testing since this is known to break nearly # every reverse dependency wrt bug 407091 >=dev-lang/lua-5.2.0 # Samuli Suominen (30 Oct 2011) # Masked for security bug #294253, use only at your own risk! =media-libs/fmod-3* # Mike Frysinger (07 Mar 2010) # Very old packages that people should have upgraded away from # long ago. Courtesy mask ... time to upgrade. # Added (03 Jan 2009) # These packages are not supposed to be merged directly, instead # please use sys-devel/crossdev to install them. dev-libs/cygwin dev-util/mingw-runtime dev-util/mingw64-runtime dev-util/w32api sys-libs/newlib dev-embedded/msp430-binutils dev-embedded/msp430-gcc dev-embedded/msp430-gdb dev-embedded/msp430-libc dev-embedded/msp430mcu dev-embedded/avr-libc # Chris Gianelloni (03 Mar 2008) # Masking due to security bug #194607 and security bug #204067 games-fps/doom3 games-fps/doom3-cdoom games-fps/doom3-chextrek games-fps/doom3-data games-fps/doom3-demo games-fps/doom3-ducttape games-fps/doom3-eventhorizon games-fps/doom3-hellcampaign games-fps/doom3-inhell games-fps/doom3-lms games-fps/doom3-mitm games-fps/doom3-phantasm games-fps/doom3-roe games-fps/quake4-bin games-fps/quake4-data games-fps/quake4-demo # (01 Apr 2004) # The following packages contain a remotely-exploitable # security vulnerability and have been hard masked accordingly. # # Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info # games-fps/unreal-tournament-goty games-fps/unreal-tournament-strikeforce games-fps/unreal-tournament-bonuspacks games-fps/aaut