path: root/profiles/package.mask

####################################################################
# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15807 2014/06/19 21:48:41 idl0r Exp $
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
# careful not to commit atoms that are not valid, as it can cause large-scale
# breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (25 Jan 2013)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---

# Anthony G. Basile <blueness@gentoo.org> (14 Jun 2014)
# Masked for removal in 30 days, bug #495848
net-libs/cyassl

# Markos Chandras <hwoarang@gentoo.org> (14 Jun 2014)
# Masked for testing in production
>=sys-auth/sssd-1.11.6

# Mike Gilbert <floppym@gentoo.org> (13 Jun 2014)
# Masked due to security bug 499870.
# Please migrate to net-misc/libreswan.
# If you are a Gentoo developer, feel free to pick up maintenence of openswan
# and remove this mask after resolving the security issue.
net-misc/openswan

# Mike Gilbert <floppym@gentoo.org> (10 Jun 2014)
# Masked due to pending dev-python/imaging removal, bug 471488.
media-sound/decibel-audio-player
=net-im/pymsn-t-0.11.3-r3
sci-physics/camfr

# Tom Wijsman <TomWij@gentoo.org> (8 Jun 2014)
# Mask VLC ebuilds that are affected with security bug CVE-2013-6934:
# 
#     A vulnerability has been discovered in VLC Media Player, which can be
#     exploited by malicious people to compromise a user's system.
#
# Some ebuilds also have other buffer and integer overflow security bugs like
# CVE-2013-1954, CVE-2013-3245, CVE-2013-4388 and CVE-2013-6283.
#
# Users should consider to upgrade VLC Media Player to at least version 2.1.2.
<media-video/vlc-2.1.2

# Tom Wijsman <TomWij@gentoo.org> (6 Jun 2014)
# Mask gentoo-sources ebuilds that are affected with security bug CVE-2014-3153.
#
# Pinkie Pie discovered an issue in the futex subsystem that allows a
# local user to gain ring 0 control via the futex syscall. An
# unprivileged user could use this flaw to crash the kernel (resulting
# in denial of service) or for privilege escalation.
#
# https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-3153
=sys-kernel/gentoo-sources-3.2.58-r2
~sys-kernel/gentoo-sources-3.4.90
=sys-kernel/gentoo-sources-3.4.91
~sys-kernel/gentoo-sources-3.10.40
=sys-kernel/gentoo-sources-3.10.41
~sys-kernel/gentoo-sources-3.12.20
=sys-kernel/gentoo-sources-3.12.21
~sys-kernel/gentoo-sources-3.14.4
=sys-kernel/gentoo-sources-3.14.5

# Hans de Graaff <graaff@gentoo.org> (2 Jun 2014)
# Mask old slots and packages for removal in 30 days since SRC_URI
# still points to rubyforge mirrors, bug 512132. These are all leaf
# packages, have not seen releases in a long time, and only provide
# their code on rubyforge.
dev-ruby/deprecated:2
dev-ruby/jruby-debug-base
dev-ruby/rack:1.2
dev-ruby/rack:1.3
dev-ruby/text-format
games-util/rubygfe

# Hans de Graaff <graaff@gentoo.org> (1 Jun 2014)
# Mask new rubinius version for testing
=dev-lang/rubinius-2*

# Markos Chandras <hwoarang@gentoo.org> (30 May 2014)
# Mask beta release
=app-i18n/transifex-client-0.11_beta

# Tom Wijsman <TomWij@gentoo.org> (30 May 2014)
# CVE-2012-1721 - Remote Code Execution Vulnerability
#
# Vulnerable: IBM Java SE 5.0 SR12-FP5
# URL:        http://www.securityfocus.com/bid/53959/
dev-java/ibm-jdk-bin:1.5

# Michał Górny <mgorny@gentoo.org> (29 May 2014)
# New multilib conversions. Unmask along with corresponding
# emul-linux-x86 packages, and make sure they're committed first :).
>=dev-libs/nspr-4.10.6-r1
>=dev-libs/nss-3.16-r1
>=app-emulation/emul-linux-x86-baselibs-20140508-r13
>=net-misc/curl-7.37.0-r1
>=app-emulation/emul-linux-x86-baselibs-20140508-r14
>=media-libs/libquvi-0.9.4-r1:0
>=media-libs/libquvi-0.4.1-r2:0.4
>=media-libs/libquvi-scripts-0.9.20131130-r1:0
>=media-libs/libquvi-scripts-0.4.21-r2:0.4

# Vladimir Smirnov <civil@gentoo.org> (27 May 2014)
# Masked for testing, will defenitely cause major breakage
=dev-lang/perl-5.20*

# Pawel Hajdan jr <phajdan.jr@gentoo.org> (24 May 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
>=www-client/chromium-37

# Manuel Rüger <mrueg@gentoo.org> (23 May 2014)
# Fails to build with gnutls-3.
# See bug #421777
# Masked for removal in 30 days
sci-biology/ncbi-tools++


# Andrey Grozin <grozin@gentoo.org> (23 May 2014)
# Google closed free usage of the translate api
# Masked for removal in 30 days
app-text/qgoogletranslator
# openmcl has been renamed to clozurecl
# Masked for removal in 30 days
dev-lisp/openmcl
dev-lisp/openmcl-build-tools

# Ryan Hill <rhill@gentoo.org> (22 May 2014)
# Big API break.  Masked until something needs it.
>=dev-libs/isl-0.13

# Ian Delaney <idella4@gentoo.org> (22 May 2014)
# The bumped version has been given added py3.4 support.
# Given testsuite failures, a period of masking allows for possible 
# patching from upstream to be added to this version.
# Masked until py3.4 support is added to media-gfx/cairosvg
=dev-python/weasyprint-0.22

# Alexandre Rostovtsev <tetromino@gentoo.org> (19 May 2014)
# Masked until dev-libs/glib supports the new timezone format, bug #510422
=sys-libs/timezone-data-2014c

# Ryan Hill <rhill@gentoo.org> (18 May 2014)
# Masked for testing.
# Tracker: https://bugs.gentoo.org/495124
>=sys-devel/gcc-4.9.0

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (14 May 2014)
# Depends on libevdev which still needs keywording, bug #487944
>=x11-drivers/xf86-input-evdev-2.8.99
>=x11-drivers/xf86-input-synaptics-1.7.99

# Pacho Ramos <pacho@gentoo.org> (11 May 2014)
# Dead for ages, now in mjpegtools, bug #492886
# Removal in a month.
media-video/y4mscaler

# Justin Lecher <jlec@gentoo.org> (07 May 2014)
# Still doesn't work as expected
=sci-chemistry/ccpn-2.4.0_p140425-r1

# Brian Evans <grknight@gentoo.org> (05 May 2014)
# Mask erroenous slot for removal in 30 days
dev-db/mysql++:3

# Markos Chandras <hwoarang@gentoo.org> (03 May 2014)
# Masked for further testing
>=app-emulation/lxc-1.0.0
>=app-emulation/docker-1.0.0

# Tom Wijsman <TomWij@gentoo.org> (03 May 2014)
# Needs to be further tested and revised by both Java and Ruby herds.
>=dev-java/jruby-1.7.12

# Tom Wijsman <TomWij@gentoo.org> (02 May 2014)
# Bluetooth support in MATE has incompatibilities with recent BlueZ versions.
# If you want to try to get this working, unmask net-wireless/mate-bluetooth as
# well as the bluetooth USE flag on mate-extra/mate-user-share; I can't support
# this until the relevant upstreams have moved forward with their compatibility.
#
# https://bugs.gentoo.org/show_bug.cgi?id=508086
# https://github.com/mate-desktop/mate-bluetooth/issues/22
# http://mate-desktop.org/blog/2014-03-11-mate-desktop-singing-the-bluez
net-wireless/mate-bluetooth

# Mike Frysinger <vapier@gentoo.org> (28 Apr 2014)
# Use app-emulation/qemu instead.  It has USE=static-user to support building
# static user helpers.  See #508098 for more info. Removal in a month
app-emulation/qemu-user

# Michał Górny <mgorny@gentoo.org> (26 Apr 2014)
# (on behalf of Python team)
# Python 2.6 is no longer supported upstream and security issue fixes
# are not provided anymore. Python 2.7 is almost drop-in replacement.
# The Python itself will be masked in 30 days, and all packages will be
# removed in 60 days.
dev-lang/python:2.6
dev-python/argparse
dev-python/ordereddict

# Tim Harder <radhermit@gentoo.org> (25 Apr 2014)
# Masked for testing
=dev-libs/protobuf-c-1.0.0*

# Mike Gilbert <floppym@gentoo.org> (23 Apr 2014)
# Unused python library. Should have been removed with the moz* packages.
# Removal in 30 days.
dev-python/manifestdestiny

# Matti Bickel <mabi@gentoo.org> (22 Apr 2014)
# Masked slotted lua for testing
app-admin/eselect-lua
=dev-lang/lua-5.1.5-r2
=dev-lang/lua-5.1.5-r100
=dev-lang/lua-5.2.3
=dev-lang/lua-5.2.3-r1

# Samuli Suominen <ssuominen@gentoo.org> (12 Apr 2014)
# Dead upstream, unused in gentoo-x86.
# Removal in 30 days wrt bug #380193
dev-cpp/libsexymm

# Patrick Lauer <patrick@gentoo.org> (09 Apr 2014)
# Dead upstream, has known dataloss bugs.
# Please use something more sane: rsnapshot, backuppc, obnam, ...
app-backup/rdiff-backup
app-backup/pybackpack
sys-fs/rdiff-backup-fs

# Markos Chandras <hwoarang@gentoo.org> (08 Apr 2014)
# Masked for futher testing with various pam setups
=x11-misc/lightdm-1.11*

# Sergey Popov <pinkbyte@gentoo.org> (08 Apr 2014)
# Security mask of vulnerable versions, wrt bug #505278
<dev-libs/openssl-1.0.0l:0

# Markos Chandras <hwoarang@gentoo.org> (07 Apr 2014)
# Mask 0.8.0 release for testing
=dev-embedded/openocd-0.8.0

# Gilles Dartiguelongue <eva@gentoo.org> (06 Apr 2014)
# Old release, never stable, not working anymore
# See bug #327837, #382667, #492474
<media-video/pitivi-0.90

# Julian Ospald <hasufell@gentoo.org> (05 Apr 2014)
# not compilable without workarounds, see bug #499740
# and #497124
# hopefully 1.8 will improve the situation
>=dev-libs/DirectFB-1.7.1

# Alexander Vershilov <qnikst@gentoo.org> (02 Apr 2014)
# Multiple vulnerabilities, see #504724, #505860
<sys-kernel/openvz-sources-2.6.32.85.17

# Patrick Lauer <patrick@gentoo.org> (02 Apr 2014)
# Broken release, see #506452
>=dev-python/sip-4.15.5
>=dev-python/PyQt4-4.11

# Tom Wijsman <TomWij@gentoo.org> (31 Mar 2014)
# Prevent users from switching JDK / JRE implementation.
#
# Unmask this if you want to upgrade or switch to Oracle JDK / JRE 1.8.
>=virtual/jdk-1.8
>=virtual/jre-1.8

# Luca Barbato <lu_zero@gentoo.org> (30 Mar 2014)
# Current stable for upstream, pending a tinderbox run.
=media-video/libav-10*

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (26 Mar 2014)
# Affected by multiple vulnerabilities, #445916, #471098 and #472280
<media-libs/mesa-9.1.4

# Sergey Popov <pinkbyte@gentoo.org> (20 Mar 2014)
# Security mask of vulnerable versions, wrt bug #424167
<net-nds/openldap-2.4.35

# Lars Wendler <polynomial-c@gentoo.org> (14 Mar 2014)
# Masked for security reasons.
# Do NOT remove this mask or the affected packages without speaking to
# bonsaikitten first! You have been warned!
<net-fs/samba-3.6

# Michał Górny <mgorny@gentoo.org> (12 Mar 2014)
# Masked for testing and binary package built.
>=dev-python/pypy-2.3
>=dev-python/pypy-bin-2.3
>=virtual/pypy-2.3

# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Samuli Suominen <ssuominen@gentoo.org> (03 Mar 2014)
# gnome-extra/polkit-gnome is the "GTK+ polkit agent" and has no extra
# dependencies that installing lxde-base/lxpolkit would solve, thus
# the only motivation for creation of lxpolkit was to drop the word
# 'gnome' from the package's name. The packages are near identical
# by the outlook, determined by the used GTK+ theme.
#
# Raise yourself above the word 'gnome' and install the de facto GTK+ agent:
# emerge -C lxpolkit
# emerge -1 polkit-gnome
#
# Removal will happen at later date, but since there is no hurry, give it
# until rest of the year.
lxde-base/lxpolkit

# Tom Wijsman <TomWij@gentoo.org> (19 Feb 2014)
# Masked for removal in 30 days, as this is an old revision that stuck behind;
# however we are not sure if it is kept for a reason, if it is then please let
# me know such that we can continue to keep it around. Guess nobody even still
# uses this package either, but that's for another day...
=dev-java/jikes-1.22-r1

# Tim Harder <radhermit@gentoo.org> (04 Feb 2014)
# Masked for testing
=media-sound/lilypond-2.19*

# Ole Markus With <olemarkus@gentoo.org> (28 Jan 2014)
# PHP 5.6 still in early development
>=dev-lang/php-5.6

# Samuli Suominen <ssuominen@gentoo.org> (24 Jan 2014)
# Roll ~arch version back from .so.9 to .so.8 due to too many unresolved issues.
# See http://bugs.gentoo.org/479818 for progress.
>=media-libs/jpeg-9

# Christian Ruppert <idl0r@gentoo.org> (19 Jan 2014)
# Experimental, for now
=dev-vcs/gitolite-gentoo-3*

# Mike Gilbert <floppym@gentoo.org> (19 Jan 2014)
# To prevent accidental switching of release channels (bug 498306),
# google-chrome has been split into 3 packages:
#
# www-client/google-chrome
# www-client/google-chrome-beta
# www-client/google-chrome-unstable
#
# The stable channel remains as www-client/google-chrome, but has been
# switched to SLOT="0".
#
# Please unmerge your currently installed version and remerge one of the new
# packages.
www-client/google-chrome:beta
www-client/google-chrome:stable
www-client/google-chrome:unstable

# Eray Aslan <eras@gentoo.org> (18 Jan 2014)
# Mask experimental software
=mail-mta/postfix-2.12*

# Alexis Ballier <aballier@gentoo.org> (18 Jan 2014)
# Rev. deps fail to build
>=media-libs/aubio-0.4

# Michael Sterrett <mr_bones_@gentoo.org> (16 Jan 2014)
# testing mask for 3.5.x releases
>=app-admin/syslog-ng-3.5

# Tony Vroon <chainsaw@gentoo.org> (13 Jan 2014)
# Asterisk 12 is a short term "standard" release
# containing significant architectural changes.
# This is not for your production kit quite yet.
=net-misc/asterisk-12*

# Tom Wijsman <TomWij@gentoo.org> (09 Jan 2014)
# Monolithic dev-dotnet/{gnome,gtk}-sharp introduction mask, see bug #382491.
>=dev-dotnet/gnome-sharp-2.24.2-r1
>=dev-dotnet/gtk-sharp-2.12.21

# Pacho Ramos <pacho@gentoo.org> (02 Jan 2014)
# Breaks reverse dependencies and upstream don't want us
# to use it (#483562)
=media-libs/libopenraw-0.1.0_pre20130826

# Tom Wijsman <TomWij@gentoo.org> (31 Dec 2013)
# [QA] Mask LIVEVCS.unmasked versions of docker, newer versions are available.
<=app-emulation/docker-0.7.0

# Julian Ospald <hasufell@gentoo.org> (30 Dec 2013)
# breaks every consumer
=dev-games/ogre-1.9.0

# Michał Górny <mgorny@gentoo.org> (15 Dec 2013)
# Masked for testing due to almost complete redesign. It is now
# completely split and no longer has an integrated GUI. Currently,
# the only working GUI is the PyQt4 GUI and it has license issues
# (bug #494524).
>=games-emulation/mupen64plus-2
games-emulation/mupen64plus-core
games-emulation/mupen64plus-audio-sdl
games-emulation/mupen64plus-input-sdl
games-emulation/mupen64plus-rsp-hle
games-emulation/mupen64plus-ui-console
games-emulation/mupen64plus-video-glide64mk2
games-emulation/mupen64plus-video-rice
games-emulation/m64py

# Doug Goldstein <cardoe@gentoo.org> (30 Nov 2013)
# Masked for removal in 30 days. please upgrade to >=0.26
<media-tv/mythtv-0.26
<media-plugins/mythplugins-0.26
<www-apps/mythweb-0.26

# Ben de Groot <yngwin@gentoo.org> (11 Nov 2013)
# Mask older roboto versions to give users a regular upgrade path
# now that we've switched to upstream versioning
>media-fonts/roboto-9999

# Lars Wendler <polynomial-c@gentoo.org> (28 Oct 2013)
# Masked alpha releases for testing.
=app-arch/xz-utils-5.1*

# Tiziano Müller <dev-zero@gentoo.org> (24 Oct 2013)
# Mask mainline version branch
=www-servers/nginx-1.5*

# Davide Pesavento <pesa@gentoo.org> (23 Oct 2013)
# Some features require Qt 5.2, which is not in tree yet.
=dev-qt/qt-creator-3*

# Stanislav Ochotnicky <sochotnicky@gentoo.org (14 Oct 2013)
# Mask live ebuild of sys-fs/simple-mtpfs (#488038)
=sys-fs/simple-mtpfs-9999

# Justin Lecher <jlec@gentoo.org> (14 Oct 2013)
# Seems to break all deps - API change?
>=sci-libs/metis-5

# Diego Elio Pettenò <flameeyes@gentoo.org> (13 Oct 2013)
# Requires a NPN support in mod_ssl (www-server/apache) to work.
# See #471512 for more details.
www-apache/mod_spdy

# Agostino Sarubbo <ago@gentoo.org> (23 Sep 2013)
# Masked because of vulnerable versions
# DO NOT REMOVE OLDER VERSIONS
# temporarily disabled as it also breaks s390 keywording
#<net-nds/openldap-2.4.35

# Tom Wijsman <TomWij@gentoo.org> (18 Sep 2013)
# Temporarily masked due to QA issue during attempts to unbundle dependencies;
# we need to check the jar contents to check for differences, especially the
# stax dependency seems to be problematic in this regard but we'll check all of
# them to ensure that unbundling doesn't hurt some missed functionality.
# Bug #471942 tracks the progress of these unbundling efforts.
>=app-admin/ec2-api-tools-1.6.7.2-r4

# Sergey Popov <pinkbyte@gentoo.org> (18 Sep 2013)
# Mask development releases of botan:
# - causes many API breakages
# - do not compile in some USE-flag combinations
# - requires at least gcc 4.7(and possibly even 4.8 for some features)
>=dev-libs/botan-1.11.0

# Agostino Sarubbo <ago@gentoo.org> (29 Aug 2013)
# Mask 5.1 series because the backport of the CVE-2012-5627
# has not be done. bug #446240 comment 2
=dev-db/mariadb-5.1.67

# Patrick Lauer <patrick@gentoo.org> (19 Aug 2013)
# Masking live ebuilds
=www-apps/trac-mercurial-1.0.0.3_pre20130206

# Tom Wijsman <TomWij@gentoo.org> (15 Aug 2013)
# Dependencies are unable to satisfy current version,
# broken; needs a version bump from bug #475552.
dev-java/itext:5

# Ian Delaney <idella4@gentoo.org> (01 Aug 2013)
# Mask while awaiting bump to dep Djblets-0.7.16
=dev-util/reviewboard-1.7.12

# Jeroen Roovers <jer@gentoo.org> (31 Jul 2013)
# Needs >=dev-lang/lua-5.2
~net-analyzer/nmap-6.40
~net-analyzer/nmap-6.46

# Julian Ospald <hasufell@gentoo.org> (21 Jul 2013)
# Mask all unfetchable versions and those with tons of random
# bugs and segfaults (all). Don't ask for a version bump unless
# there is a working release.
sci-geosciences/googleearth

# Chris Reffett <creffett@gentoo.org> (20 Jul 2013)
# Uses vulnerable versions of bzip2, but these versions are
# necessary to reconstruct older archives. Use at your own risk.
=app-portage/deltup-0.4.5

# Michael Weber <xmw@gentoo.org> (17 Jul 2013)
# Upstream next versions
>=sys-kernel/raspberrypi-image-3.7_pre
>=sys-kernel/raspberrypi-sources-3.7_pre
>=sys-boot/raspberrypi-firmware-1_pre

# Sergey Popov <pinkbyte@gentoo.org> (12 Jul 2013)
# Probably new versions will work with hexchat too.
# Do not lastrite this, just leave mask by Lars Wendler's request.
net-irc/xchat-otr

# Michael Weber <xmw@gentoo.org> (9 Jul 2013)
# Masked for security bug 450746, CVE-2012-6095
<net-ftp/proftpd-1.3.4c

# Tom Wijsman <TomWij@gentoo.org> (30 Jun 2013)
# Sun JDK and JRE contain critical vulnerabilities and receive no further
# updates; masking to make users aware of this, users that still need this
# package and have no alternative can unmask at their own risk. See bug #473830.
#
# This is continued by Oracle Corporation, which has acquired Sun Microsystems
# in early 2010; as per http://en.wikipedia.org/wiki/Sun_acquisition_by_Oracle
#
# Users are suggested to upgrade to one of the newer Oracle packages like
# dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another
# alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
#
# Most of these packages provide a jce USE flag for those whom need the
# Java Cryptographic Extension Unlimited Strength Policy USE flag; whether that
# works depends from VM to VM, it seems to work for most except for the IBM VMs.
dev-java/sun-jdk
dev-java/sun-jre-bin
dev-java/sun-jce-bin

# Julian Ospald <hasufell@gentoo.org> (26 Jun 2013)
# Depends on masked dev-lang/lua-5.2
>=games-emulation/sdlmame-0.149
>=games-emulation/sdlmess-0.149

# Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> (25 Jun 2013)
# Mask new ptlib/opal for breakage, tracked in bug #474742
# Lars Wendler <polynomial-c@gentoo.org> (29 Apr 2014)
# Adjusted mask so newer versions get covered as well.
>=net-libs/ptlib-2.12.0
>=net-libs/opal-3.12.0

# Pacho Ramos <pacho@gentoo.org> (15 Jun 2013)
# Upstream stalled, improper rendering (#470818),
# use app-editors/efte instead.
=app-editors/fte-20110708

# Patrick Lauer <patrick@gentoo.org> (21 May 2013)
# broken dependencies -> uninstallable #470712
app-portage/g-ctan

# Michael Weber <xmw@gentoo.org> (18 Apr 2013)
# Masked due test failures
=app-arch/advancecomp-1.17

# Patrick Lauer <patrick@gentoo.org> (09 Apr 2013)
# Masked to get 0.10 tested
=net-libs/nodejs-0.11*

# Sergey Popov <pinkbyte@gentoo.org> (02 Apr 2013)
# Masking =media-libs/ffmpegsource-2.17.4_pre753
# by maintainer's request.
# This version does not work properly, see bug #464078
=media-libs/ffmpegsource-2.17.4_pre753

# Markos Chandras <hwoarang@gentoo.org> (23 Mar 2013)
# MSN service terminated.
# You can still use your MSN account in net-im/skype
# or switch to an open protocol instead
# These clients may work until Oct 2013 (or even longer in China)
net-im/kmess
net-im/amsn
x11-themes/amsn-skins

# Richard Freeman <rich0@gentoo.org> (24 Mar 2013)
# Contains known buffer overflows.  Package generally works
# but should not be fed untrusted input (eg from strangers).
# Masked to ensure users are aware before they install.
app-text/cuneiform

# Tom Wijsman <TomWij@gentoo.org> (12 Mar 2013)
# 2.5.* has known security and other issues due to an affected
# bundled ffmpeg, see bugs #446468 and #444262.
<media-video/avidemux-2.6.2

# Julian Ospald <hasufell@gentoo.org> (10 Mar 2013)
# Unsupported and full of bundled libs. Only left
# for people who don't have python-3.3 yet.
# Will be removed once python-3.3 and >=blender-2.66 enter ~arch.
=media-gfx/blender-2.64a
media-gfx/yablex

# Davide Pesavento <pesa@gentoo.org> (02 Mar 2013)
# Depends on blender, which is masked.
media-gfx/yafaray

# Doug Goldstein <cardoe@gentoo.org> (22 Jan 2013)
# Masked for development
=sys-block/open-iscsi-2.0.873

# Sergei Trofimovich <slyfox@gentoo.org> (05 Jan 2013)
# Masked for testing. Is not compatible with cvsps-2 (bug #450424).
# But can be used on it's own! Try 'cvsps --fast-export'.
>=dev-vcs/cvsps-3

# Sven Wegener <swegener@gentoo.org> (21 Dec 2012)
# temporary mask for socket location change
=app-misc/screen-4.0.3-r8

# Rick Farina <zerochaos@gentoo.org> (21 Dec 2012)
# madwifi has been replaced by ath5k and ath9k in kernel
# drivers and is subject to numerous long standing bugs
# stable wpa_supplicant sometimes wants madwifi-ng-tools
#net-wireless/madwifi-ng-tools
net-wireless/madwifi-ng

# Tim Harder <radhermit@gentoo.org> (27 Nov 2012)
# Masked for testing
=media-libs/libsfml-2*

# Robin H. Johnson <robbat2@gentoo.org> (18 Nov 2012)
# Dead upstream, replaced by gitolite
dev-vcs/gitosis
dev-vcs/gitosis-gentoo

# Markos Chandras <hwoarang@gentoo.org> (03 Nov 2012)
# Masked for testing
app-benchmarks/ltp

# Alexis Ballier <aballier@gentoo.org> (1 Nov 2012)
# Still requires ocaml-3, mask it until it is ported. If this does not happen in
# the near future, we should consider removing it.
dev-ml/ocamlduce

# Pacho Ramos <pacho@gentoo.org> (25 Oct 2012)
# obexd changed its API without any warning, it's recommended to ship
# 0.46 until https://bugzilla.gnome.org/682106 is fixed to prevent
# bluetooth-sendto breakage.
>=app-mobilephone/obexd-0.47

# Eray Aslan <eras@gentoo.org> (24 Oct 2012)
# Mask experimental software
=mail-client/squirrelmail-1.4.23*

# Michael Palimaka <kensington@gentoo.org> (19 Oct 2012)
# New major release breaks almost all existing consumers.
# Bug #478052
# Masked until each package can update its dependencies.
>=net-libs/libotr-4.0.0
>=x11-plugins/pidgin-otr-4.0.0

# Robin H. Johnson <robbat2@gentoo.org> (08 Oct 2012)
# Masked for testing
=sys-libs/db-6.0*
=sys-libs/db-5.3*
=sys-libs/db-5.2*
=sys-libs/db-5.1*
=sys-libs/db-5.0*

# Ralph Sennhauser <sera@gentoo.org> (18 Jul 2012)
# Unmaintained, multiple vulnarabilities. #351626
# A more recent source build maintained by the community is available in the
# seden overlay. A more recent binary is available in the java-overlay.
<=dev-util/eclipse-sdk-3.5.1-r1

# Michael Weber <xmw@gentoo.org> (07 Jul 2012)
# Masked for testing only beta (bug 424866)
=sci-electronics/eagle-6.2.1_beta

# Ian Stakenvicius <axs@gentoo.org> (19 Jun 2012)
# Mask new spidermonkeys until rdeps can accept it
# 1.8.7 will be masked indefinitely and will be removed
# from the tree soon.
~dev-lang/spidermonkey-1.8.7

# Michael Weber <xmw@gentoo.org> (13 Jun 2012)
# Mask beta versions for testing
>sci-electronics/magic-8

# Alexandre Rostovtsev <tetromino@gentoo.org> (20 May 2012)
# Requires dev-scheme/guile-2.0.5 which is in lisp overlay and masked;
# bug #416683
>=games-board/aisleriot-3.3.1

# Ultrabug <ultrabug@gentoo.org> (16 May 2012)
# Masked for testing
>=sys-cluster/corosync-2.0.0

# Johannes Huber <johu@gentoo.org> (03 May 2012)
# Unstable dev channel release. Fixes build with gcc47
# (bug #413941).
>=media-sound/mp3diags-1.1

# Robin H. Johnson <robbat2@gentoo.org> (09 Feb 2012)
# Needs to be slotted better
=dev-libs/yaz-4*

# Andreas K. Huettel <dilfridge@gentoo.org> (22 Mar 2012)
# Even its author admits that it's an ugly hack. Crashes e.g.
# firefox with kde-4.8. Unmask at your own risk.
kde-misc/kgtk

# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012)
# Masked for testing since this is known to break nearly
# every reverse dependency wrt bug 407091
>=dev-lang/lua-5.2.0

# Jeroen Roovers <jer@gentoo.org> (27 Mar 2012)
# Opera Next and Opera snapshots are unsupported and eternally unstable.
# <http://my.opera.com/desktopteam/blog>
www-client/opera-next

# Diego E. Pettenò <flameeyes@gentoo.org> (30 Oct 2011)
# Working on more reliable versioning, consider experimental for now.
#
# Rafael G. Martins <rafaelmartins@gentoo.org> (27 May 2013)
# Remove generic mask. These versions will be removed later.
=dev-lang/luajit-2.0.0_beta8_p1
=dev-lang/luajit-2.0.0_beta10
=dev-lang/luajit-2.0.0

# Samuli Suominen <ssuominen@gentoo.org> (30 Oct 2011)
# Masked for security bug #294253, use only at your own risk!
=media-libs/fmod-3*
games-puzzle/candycrisis
games-simulation/stoned-bin
games-sports/racer-bin
games-strategy/dark-oberon
games-strategy/savage-bin

# MATSUU Takuto <matsuu@gentoo.org> (27 Oct 2011)
# Mask for testing
>=sys-devel/distcc-3.2_rc1

# Justin Bronder <jsbronder@gentoo.org> (27 Sep 2011)
# Masking the torque 2.3 series due to bug #372959.  This allows
# sites that are ok with the vulnerability but prefer the stability
# of 2.3.x to continue to get updates (if any).
dev-perl/perl-PBS

# Alexis Ballier <aballier@gentoo.org> (20 Aug 2011)
# dev-tex/pdftex-1.40.11 is 100% identical to the one in TeX Live 2010;
# TeX Live 2011 has a newer version, which makes the standalone package useless;
# mask it for now, we'll see about removing it later.
dev-tex/pdftex

# Peter Volkov <pva@gentoo.org> (23 Jul 2011)
# Mask release candidates
=dev-libs/guiloader-2.99.0
=dev-libs/guiloader-c++-2.99.0
=dev-util/crow-designer-2.99.0

# Justin Lecher <jlec@gentoo.org> (27 Jun 2011)
# Only avalable version isn't in the tree.
# Mask until it is bumped
sci-chemistry/webmo

# Torsten Veller <tove@gentoo.org> (18 Jun 2011)
# Mask perl-5.14. See tracker bug #356171
=dev-lang/perl-5.14*

# Marijn Schouten <hkBst@gentoo.org> (07 April 2011)
# Masked for number of issues, but can be used to
# test against if people are impatient ;P
# Known issues:
# - Broken emacs support (ulm has promised to look)
# - doesn't build when boehm-gc is built without threads
# - no SLOTting yet!
=dev-scheme/guile-2.0.0

# Christian Faulhammer <fauli@gentoo.org> (12 Mar 2011)
# Mask for testing
>=www-apps/joomla-1.6.0

# Ryan Hill <dirtyepic@gentoo.org> (30 Mar 2011)
# Masked indefinitely (until 0.40 is released).
# http://bugs.gentoo.org/354423
>=app-pda/libopensync-0.30
>=app-pda/libopensync-plugin-file-0.30
>=app-pda/libopensync-plugin-irmc-0.30
>=app-pda/libopensync-plugin-palm-0.30
>=app-pda/libopensync-plugin-python-0.30
app-pda/libopensync-plugin-syncml
app-pda/libopensync-plugin-vformat
app-pda/osynctool

# Ryan Hill <dirtyepic@gentoo.org> (30 Mar 2011)
# Work in progress
# http://bugs.gentoo.org/show_bug.cgi?id=354423
app-pda/libopensync-plugin-gnokii
app-pda/libopensync-plugin-gpe
app-pda/multisync-gui

# Michael Sterrett <mr_bones_@gentoo.org> (20 Jan 2010)
# testing mask for upcoming exult release
>=games-engines/exult-1.3

# Markos Chandras <hwoarang@gentoo.org> (01 Nov 2010)
# Masking alpha releases
net-analyzer/ncrack

# Luca Barbato <lu_zero@gentoo.org> (21 Jul 2010)
# Not ready for public consumption, clashes with current mesa-git
media-libs/shivavg

# Stefan Briesenick <sbriesen@gentoo.org> (21 Jul 2010)
# doesn't compile against latest media-libs/spandsp.
# not needed anymore for Asterisk 1.6.
net-misc/asterisk-spandsp_codec_g726

# Doug Goldstein <cardoe@gentoo.org> (07 Jul 2010)
# No actual Gentoo support yet. If you're interested, please see bug #295993
net-misc/netcf

# Robin H. Johnson <robbat2@gentoo.org> (09 Jun 2010)
# Fails to self-verify/sign in FIPS mode, pending upstream response before
# usage for GSoC project.
app-crypt/hmaccalc

# Patrick Lauer <patrick@gentoo.org> (07 Apr 2010)
# Lars Wendler <polynomial-c@gentoo.org> (14 Oct 2013)
# Keeping samba-4.0 masked until bug #447022 is fixed. 4.1 masked for testing.
=net-fs/samba-4.0*
=net-fs/samba-4.1*

# Mike Frysinger <vapier@gentoo.org> (07 Mar 2010)
# Very old packages that people should have upgraded away from
# long ago.  Courtesy mask ... time to upgrade.
# Added <sys-fs/e2fsprogs as well (halcy0n)
<sys-libs/e2fsprogs-libs-1.41.8
<sys-fs/e2fsprogs-1.41.9

# Robert Piasek <dagger@gentoo.org> (23 Feb 2010)
# Masking libmapi as it depends on masked samba4
>=net-libs/libmapi-0.9

# Peter Alfredsen <loki_val@gentoo.org> (21 Oct 2009)
# Masked because this needs a patch to be applied to portage
# to not install the kitchensink and everything else
# into /usr/src/debug with FEATURES=installsources
=dev-util/debugedit-4.4.6-r2

# Diego E. Pettenò <flameeyes@gmail.com> (09 Oct 2009)
# Untested yet; documented only in Russian, help is appreciated.
sys-auth/pam_keystore

# Diego E. Pettenò <flameeyes@gentoo.org> (08 Aug 2009)
#  on behalf of QA Team
#
# Mass-masking of live ebuilds; we cannot guarantee working state of
# live ebuilds, nor the availability of the server hosting them. As
# per QA team policy, all these need to be kept masked by default, if
# available in the tree.
~app-doc/devmanual-9999
=app-forensics/openscap-9999
~app-i18n/skk-jisyo-9999
=app-misc/mc-9999
~app-misc/screenfetch-9999
=app-misc/sleepyhead-9999
=app-pda/libsyncml-9999
=app-pda/libopensync-9999
=app-pda/osynctool-9999
=app-pda/libopensync-plugin-evolution2-9999
=app-pda/libopensync-plugin-file-9999
=app-pda/libopensync-plugin-gnokii-9999
=app-pda/libopensync-plugin-gpe-9999
=app-pda/libopensync-plugin-irmc-9999
=app-pda/libopensync-plugin-palm-9999
=app-pda/libopensync-plugin-python-9999
=app-pda/libopensync-plugin-syncml-9999
=app-pda/libopensync-plugin-vformat-9999
app-portage/layman-dbtools
=dev-embedded/openocd-9999
~dev-lang/jimtcl-9999
~dev-libs/libg15-9999
=net-print/cups-9999
~dev-util/buildbot-9999
~dev-util/buildbot-slave-9999
=net-im/kmess-9999
net-misc/netcomics-cvs
=media-plugins/vdr-xineliboutput-9999
=media-plugins/vdr-xvdr-9999
=sci-astronomy/casa-data-99999
=sys-fs/redirfs-9999
sys-kernel/zen-sources
=www-plugins/google-talkplugin-9999
~x11-wm/openbox-9999

# Jeremy Olexa <darkside@gentoo.org> (28 Jul 2009)
# On behalf of Robin H. Johnson <robbat2@gentoo.org>.
# These versions are vulnerable to GLSA's and should not be used. They will stay
# in the tree because they are useful to tracking down bugs. You have been
# warned. bug 271686
<dev-db/mysql-5.1.56
<virtual/mysql-5.1

# Tiziano Müller <dev-zero@gentoo.org> (08 Apr 2009)
# pre-releases
>=app-editors/gobby-0.4.91

# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-libs/cygwin
dev-util/mingw-runtime
dev-util/mingw64-runtime
dev-util/w32api
sys-libs/newlib
dev-embedded/msp430-binutils
dev-embedded/msp430-gcc
dev-embedded/msp430-gdb
dev-embedded/msp430-libc
dev-embedded/msp430mcu
dev-embedded/avr-libc

# Markus Ullmann <jokey@gentoo.org> (07 Jul 2008)
# mask for security bug #190667 (CVE-2007-{4584,5839})
# and for various other build problems (bug #425634)
#
# both CVEs are fixed in upstream version control as per:
# http://bitchx.svn.sourceforge.net/svnroot/bitchx/trunk/Changelog
net-irc/bitchx

# Vlastimil Babka <caster@gentoo.org> (20 May 2008)
# Masked for testing
app-arch/rpm5

# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008)
# Masking due to security bug #194607 and security bug #204067
games-fps/doom3
games-fps/doom3-cdoom
games-fps/doom3-chextrek
games-fps/doom3-data
games-fps/doom3-demo
games-fps/doom3-ducttape
games-fps/doom3-eventhorizon
games-fps/doom3-hellcampaign
games-fps/doom3-inhell
games-fps/doom3-lms
games-fps/doom3-mitm
games-fps/doom3-phantasm
games-fps/doom3-roe
games-fps/quake4-bin
games-fps/quake4-data
games-fps/quake4-demo

# MATSUU Takuto <matsuu@gentoo.org> (05 Apr 2007)
# to be tested, seems unstable
>=app-i18n/scim-anthy-1.3.0

# Tavis Ormandy <taviso@gentoo.org> (21 Mar 2006)
# masked pending unresolved security issues #127167
games-roguelike/slashem

# Tavis Ormandy <taviso@gentoo.org> (21 Mar 2006)
# masked pending unresolved security issues #125902
games-roguelike/nethack
games-util/hearse

# Robin H. Johnson <robbat2@gentoo.org> (11 Feb 2006)
# zlib interaction is badly broken. See bug #124733.
=dev-vcs/cvs-1.12.13*

# <klieber@gentoo.org> (01 Apr 2004)
# The following packages contain a remotely-exploitable
# security vulnerability and have been hard masked accordingly.
#
# Please see http://bugs.gentoo.org/show_bug.cgi?id=44351 for more info
#
games-fps/unreal-tournament-goty
games-fps/unreal-tournament-strikeforce
games-fps/unreal-tournament-bonuspacks
games-fps/aaut