summaryrefslogtreecommitdiff
blob: 00b39b1ba24653ca25fc7c98bbf982221f7346e4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
####################################################################
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
# careful not to commit atoms that are not valid, as it can cause large-scale
# breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (23 May 2015)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---

# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# Upstream website disappeared, and along with it remote index needed
# for the program to work.  No maintainer; package last touched in 2012.
# Removal in 30 days.  Bug #673600.
app-text/rfcutil

# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# Unmaintained in Gentoo, obsoleted upstream.  Tests fail (#632706).
# Upstream suggests switching to Kubernetes.
# Removal in 30 days.  Bug #676728.
app-admin/fleet

# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# Unmaintained in Gentoo, abandoned upstream.  Last commit in 2012.
# Fails to build, in multiple ways (#638842, #672190, #672196).
# One of the two remaining unconditional revdeps of dev-libs/dietlibc.
# Many alternatives exist, starting with net-analyzer/dsniff.
# Removal in 30 days.  Bug #678520.
net-analyzer/dietsniff

# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# Last reverse dependency of dev-libs/libgcrypt-1.5* (#656378).  Current
# version is outdated, maintainer is MIA and the new versions are
# in distro-unfriendly AppImage format (#661740).
# Removal in 30 days.  Bug #677486.
dev-util/staruml-bin
=dev-libs/libgcrypt-1.5*

# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# pyliblzma installs an old 'lzma' module that is incompatible with
# the 'lzma' built-in in Python 3.  As a result, programs written
# to conditionally import the latter when available (assuming it will
# have Python 3 API) are broken by its presence.  The suggested
# replacement is dev-python/backports-lzma that is backported
# from Python 3.
#
# Yum is the only reverse dependency of pyliblzma left (#643312).  Its
# last release is from 2011, and the current Gentoo snapshot is
# from 2017.  Upstream git hosting / gitweb is broken and makes it
# impossible to fetch current sources.  Fedora is apparently replacing
# it with DNF.
#
# Removal in 30 days.  Bug #643308.
app-arch/createrepo
dev-python/pyliblzma
sys-apps/yum

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Obscure package with multiple bugs open.  Blocks removal
# of dev-libs/dietlibc (#498256) and dev-libs/beecrypt (#666599).
# Unresolved segfaults (#641112) or build failures (#650578), depending
# on the GCC version/profile.
# Removal in 30 days.  Bug #680264.
sys-cluster/util-vserver

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Unresolved vulnerability (CVE-2018-14663).  The maintainer is inactive
# for over a year.
# Removal in 30 days.  Bug #670214.
net-dns/dnsdist

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Contains vulnerability (CVE-2016-2049) that has not been resolved
# for almost 3 years.  No reverse dependencies.
# Removal in 30 days.  Bug #572882.
dev-php/php-openid

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# The eselect module is obsolete, now that dev-lang/gnat-gpl is the only
# implementation in Gentoo.  It is unmaintained and has unresolved QA
# issues.
# Removal in 30 days.  Bug #362753.
app-eselect/eselect-gnat

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# An ancient netcat clone that has been declared obsolete upstream,
# yet keeps confusing Gentoo users into thinking it's better than
# the original.  Recommended alternatives are net-analyzer/netcat,
# net-analyzer/openbsd-netcat, net-misc/socat...
# Removal in 30 days.  Bug #573814.
net-analyzer/netcat6

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# An obscure GNU audio file library with no reverse dependencies.  Last
# release in 2015 (and we are one release behind).  Fails to build.
# Removal in 30 days.  Bug #545818.
media-libs/ccaudio2

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Library part of the gobby editor that has been removed in 2016.
# It has no maintainer, no revdeps and suffers from GID collision
# (#537488).
# Removal in 30 days.  Bug #680216.
net-libs/libinfinity

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Ancient asynchronous DNS library.  The current Gentoo version is
# from 2006, and lacks support for IPv6, NSS, /etc/hosts.  There were
# some new upstream activity in 2014-2016 but there is probably
# no reason to bump it, now that it has no reverse dependencies anymore.
# It had no Gentoo maintainer since 2004, when metadata.xml was added.
# A good alternative is net-dns/c-ares.
# Removal in 30 days.  Bug #513238.
net-libs/adns

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Ancient event-loop library with no reverse dependencies.  The current
# version has been released in 2003, and has no maintainer since
# at least 2006 (when metadata.xml was added).  Upstream released 1.0.1
# at some point but there's probably no use in bumping it.  Blocks
# removal of net-libs/adns.  Alternatives includes dev-libs/glib,
# dev-libs/libevent, dev-libs/libev and many more.
# Removal in 30 days.  Bug #680212.
dev-libs/liboop

# Michał Górny <mgorny@gentoo.org> (13 Mar 2019)
# Both packages duplicate each other (#511032) and share the same bugs.
# They are both unmaintained, apparently fail to build (#541894)
# and have a bump pending for over 3 years (#557284).
# Removal in 30 days.  Bug #680208.
net-misc/rancid
net-misc/rancid-git

# Hans de Graaff <graaff@gentoo.org> (12 Mar 2019)
# Mask unused obsolete slot for removal in 30 days.
dev-ruby/trollop:0

# Virgil Dupras <vdupras@gentoo.org> (10 Mar 2019)
# Merged in pytest, no revdep. Removal in 30 days. Bug #668746
dev-python/pytest-capturelog

# Michał Górny <mgorny@gentoo.org> (09 Mar 2019)
# According to bug #678914, our version is over 5 years old.  It has
# open bugs (#671742, #671990) and is non-trivial to bump due to being
# merged into schily-tools (#672060).  It lacks dedicated maintainer
# interested in doing that.  app-arch/tar (GPL) and app-arch/libarchive
# (BSD) are good replacements for modern uses.
# Removal in 30 days.  Bug #679030.
app-arch/star

# Michael Palimaka <kensington@gentoo.org> (07 Mar 2019)
# Fails to build with ffmpeg-4 (bug #673352). Dead upstream.
# Masked for removal in 30 days.
media-sound/karlyriceditor

# Matt Turner <mattst88@gentoo.org> (06 Mar 2019)
# Does not build with glibc >= 2.25 (stabilized a year ago). Unmaintained by
# maintainer-by-proxy: Bugs #628734 and #641176
# Removal in 30 days
sys-fs/cryptmount

# Georgy Yakovlev <gyakovlev@gentoo.org> (06 Mar 2019)
# Mask rust 1.33.0 & co because it breaks firefox simd
# https://bugzilla.mozilla.org/show_bug.cgi?id=1521249
# https://bugs.gentoo.org/679656
>=dev-lang/rust-1.33.0
>=dev-lang/rust-bin-1.33.0
>=virtual/rust-1.33.0
>=virtual/cargo-1.33.0

# Mikle Kolyada <zlogene@gentoo.org> (04 Mar 2019)
# Mask Squid-4.x for testing
=net-proxy/squid-4*

# Matt Turner <mattst88@gentoo.org> (02 Mar 2019)
# Old, unused drivers.
# Masked for removal in 30 days. Bug #679256
x11-drivers/xf86-input-elographics
x11-drivers/xf86-video-newport
x11-drivers/xf86-video-tdfx
x11-drivers/xf86-video-voodoo

# Matt Turner <mattst88@gentoo.org> (02 Mar 2019)
# No reverse dependencies. No releases in 13 years.
# Masked for removal in 30 days. Bug #679256
x11-libs/libxkbui

# Andreas Sturmlechner <asturm@gentoo.org> (02 Mar 2019)
# Completely broken. Masked for removal in 30 days.
# Bugs 630924, 639310, 640728, 644654, 654892, 655096, 670822
media-video/dcpomatic
media-libs/libasdcp-cth
media-libs/libdcp
media-libs/libsub

# Eray Aslan <eras@gentoo.org> (01 Mar 2019)
# Mask experimental software
=mail-mta/postfix-3.5*

# Andreas K. Huettel <dilfridge@gentoo.org> (23 Feb 2019)
# Fails to build with glibc-2.28, bug 669206.
# Removal in 30 days.
app-arch/freeze

# Michał Górny <mgorny@gentoo.org> (13 Feb 2019)
# Release candidate, masked for testing.
=sys-devel/llvm-common-8.0.0_rc*
=sys-devel/llvm-8.0.0_rc*
=sys-devel/llvmgold-8
=dev-python/lit-8.0.0_rc*
=dev-ml/llvm-ocaml-8.0.0_rc*
=sys-devel/lld-8.0.0_rc*
=sys-devel/clang-common-8.0.0_rc*
=sys-devel/clang-8.0.0_rc*
=dev-python/clang-python-8.0.0_rc*
=dev-util/lldb-8.0.0_rc*
=sys-libs/compiler-rt-8.0.0_rc*
=sys-libs/compiler-rt-sanitizers-8.0.0_rc*
=sys-libs/llvm-libunwind-8.0.0_rc*
=sys-libs/libcxxabi-8.0.0_rc*
=sys-libs/libcxx-8.0.0_rc*
=sys-libs/libomp-8.0.0_rc*
=sys-devel/clang-runtime-8.0.0_rc*

# Miroslav Šulc <fordfrog@gentoo.org> (10 Feb 2019)
# Depends on >=virtual/{jdk,jre}-11 which is masked
=www-servers/tomcat-9.0.16

# Jeroen Roovers <jer@gentoo.org> (31 Jan 2019)
# Depends on =dev-libs/openssl-1.1.1*
# bug #670574
=net-libs/nodejs-11.10*
=net-libs/nodejs-11.11*

# Dennis Lamm <expeditioneer@gentoo.org> (29 Jan 2019)
# Depends on >=app-text/enchant-2.0.0 which is masked
=gnome-extra/gtkhtml-4.10.0-r1

# Dennis Lamm <expeditioneer@gentoo.org> (28 Jan 2019)
# Depends on >=app-text/enchant-2.0.0 which is masked
>=app-text/gtkspell-3.0.10

# Dennis Lamm <expeditioneer@gentoo.org> (28 Jan 2019)
# Depends on >=app-text/enchant-2.1.3 which is masked
>=app-text/gspell-1.8.1

# Miroslav Šulc <fordfrog@gentoo.org> (23 Jan 2019)
# Depends on >=virtual/{jdk,jre}-11 which is masked
=dev-java/ant-eclipse-ecj-4.10
=dev-java/eclipse-ecj-4.10
=www-servers/tomcat-9.0.14

# Craig Andrews <candrews@gentoo.org> (1 Jan 2019)
# Requires dev-libs/openssl-1.1.1, Bug 674148
dev-libs/gost-engine

# Lars Wendler <polynomial-c@gentoo.org> (28 Dec 2018)
# Masked while being tested and reverse deps aren't fully compatible
=dev-libs/openssl-1.1.1*

# Hanno Boeck <hanno@gentoo.org (23 Dec 2018)
# Needs new OpenSSL, should be unmasked together with
# OpenSSL 1.1.1
>=app-crypt/osslsigncode-2.0

# Thomas Deutschmann <whissi@gentoo.org> (10 Dec 2018)
# Requires >=dev-lang/lua-5.2 which is masked
>=app-admin/lsyncd-2.2.3

# Andreas Sturmlechner <asturm@gentoo.org> (25 Nov 2018)
# Masked per security vulnerability CVE-2018-14345, bug #661510
# Keeping it masked while users have unsolved issues with >0.15.0.
<x11-misc/sddm-0.18.0

# Ian Stakenvicius <axs@gentoo.org> (07 Nov 2018)
# on behalf of Mozilla Project <mozilla@gentoo.org>
# Mask old/vuln thunderbird for removal by 2019,
# see security bug 670102
<mail-client/thunderbird-60.0
<mail-client/thunderbird-bin-60.0

# Brian Evans <grknight@gentoo.org> (05 Nov 2018)
# Causes a dependency loop in the OpenRC script. Bug #651998
=sys-fs/cryptsetup-2.0.5-r1

# Aaron W. Swenson <titanofold@gentoo.org> (25 Oct 2018)
# Fails to build against up to date OpenSSL library (Bug 663966). No longer
# supported upstream. Use dev-db/pgadmin4.
# Masked for removal on 2018-11-24, bug #669650.
dev-db/pgadmin3

# Lars Wendler <polynomial-c@gentoo.org> (22 Oct 2018)
# Breaks dev-libs/gobject-introspection and its consumers
# See #669278
=xfce-base/xfconf-4.13.6

# Thomas Deutschmann <whissi@gentoo.org> (12 Oct 2018)
# EOL and has known vulnerabilities. Please move to
# Firefox 60 or newer if you can.
<www-client/firefox-60
<www-client/firefox-bin-60

# Andreas Sturmlechner <asturm@gentoo.org> (07 Oct 2018)
# Masked for more testing especially of reverse-deps.
>=dev-games/ogre-1.11.2

# Thomas Deutschmann <whissi@gentoo.org> (06 Oct 2018)
# Outdated and vulnerable snapshot; libav-12.3 is the better
# version for now
=media-video/libav-13_pre20171219

# Michał Górny <mgorny@gentoo.org> (24 Sep 2018)
# Apparently breaks sys-devel/gcc.  Bug #666954.
=dev-util/debugedit-4.14.2

# Andreas K. Hüttel <dilfridge@gentoo.org> (11 Sep 2018)
# Mask transition ebuilds that were needed only for <glibc-2.26
# We will keep them in the tree as long as we have masked
# <glibc-2.26.
~net-libs/libnsl-0
~net-libs/rpcsvc-proto-0

# Bernard Cafarelli <voyageur@gentoo.org> (13 Aug 2018)
# Beta release with new features, masked for testing
=app-text/tesseract-4.0.0_beta*

# Michał Górny <mgorny@gentoo.org> (01 Aug 2018)
# Multiprocessing versions of gemato.  They are known to hang on some
# users, so let's keep them masked until somebody figures out what's
# wrong.  Bug #647964.
~app-portage/gemato-14.0m
~app-portage/gemato-9999m

# Kent Fredric <kentnl@gentoo.org> (27 May 2018)
# Subject to Man-in-the-middle security bypass vulnerability.
# Retained in tree only for users who need older versions
# for compatibility reasons.
# Bug: #623942
<dev-perl/DBD-mysql-4.44.0

# Matt Turner <mattst88@gentoo.org> (25 May 2018)
# New package. Needs to interact with media-libs/mesa and
# x11-drivers/nvidia-drivers. Work in progress.
media-libs/libglvnd

# Aaron Bauman <bman@gentoo.org> (30 Apr 2018)
# Masked for testing. Will implement more of the 1.1 API
# Which will require patch updates across the tree
=dev-libs/libressl-2.9*

# Brian Evans <grknight@gentoo.org> (20 Apr 2018)
# Likely to break a lot of software
# Masked for initial testing
>=dev-db/mysql-connector-c++-8.0.0

# Eray Aslan <eras@gentoo.org> (22 Jan 2018)
# Vulnerable - see https://bugs.gentoo.org/630684
# Please migrate to cyrus-imapd-3.0 releases
=net-mail/cyrus-imapd-2.5*

# James Le Cuirot <chewi@gentoo.org> (17 Dec 2017)
# Java 9+ is not yet fully supported on Gentoo. Packages cannot depend
# on it so these virtuals are not yet required. If you wish to use
# Java 9+ then install oracle-(jdk|jre)-bin or openjdk(-bin) directly.
virtual/jdk:11
virtual/jre:11

# Andreas K. Hüttel <dilfridge@gentoo.org> (18 Oct 2017)
# sys-devel/automake versions 1.4, 1.5, 1.6, 1.7, 1.8
# have known security vulnerabilities, are broken with
# recent Perl (>=5.26.0), and are not used by anything in
# the Gentoo repository. Please uninstall.
sys-devel/automake:1.4
sys-devel/automake:1.5
sys-devel/automake:1.6
sys-devel/automake:1.7
sys-devel/automake:1.8

# Kent Fredric <kentnl@gentoo.org> (11 Oct 2017)
# This package should now be provided entirely by dev-lang/perl,
# stable perl 5.24 provides Unicode-Collate-1.140.0
# testing perl 5.26 provides Unicode-Collate-1.190.0
# This should only be unmasked if you're locking to perl-5.24 and need
# a newer version of virtual/perl-Unicode-Collate
# If you're upgrading to perl-5.26, please do:
#   emerge -C perl-core/Unicode-Collate
# See bug #634040
<perl-core/Unicode-Collate-1.190.0-r99

# Patrice Clement <monsieurp@gentoo.org> (09 Sep 2017)
# Python 3 port is almost complete with version 0.6.0. Users might run into
# minor bumps here and there which is why the mask is still in place for the
# time being.
>=dev-java/javatoolkit-0.6.0

# Gilles Dartiguelongue <eva@gentoo.org> (04 Sep 2017)
# Incompatible changes in API in Enchant 2. Bug #629838.
>=app-text/enchant-2

# Sébastien Fabbro <bicatali@gentoo.org> (19 Aug 2017)
# ipython-6 is python-3 only and causes circular dependencies
# Unset python_targets_python2_7 for ipykernel and ipyparallel if needed.
>=dev-python/ipython-6

# Kent Fredric <kentnl@gentoo.org> (21 Jul 2017)
# Masked due to serious regression that introduces widespread data
# corruption when storing data in blobs. Masked, because any code
# that is written to use this version is now dependent on this version
# and older versions will corrupt your code instead.
# However, any existing packages should not use this version.
# See: https://github.com/perl5-dbi/DBD-mysql/issues/117
=dev-perl/DBD-mysql-4.42.0

# Nicolas Bock <nicolasbock@gentoo.org> (17 Jul 2017)
# Keep shotwell development series masked.
>=media-gfx/shotwell-0.29

# Nicolas Bock <nicolasbock@gentoo.org> (31 Oct 2017)
# There are multiple unresolved upstream issues with >=jabref-bin-4.0 (#636036).
# If you still would like to use this version, please report any issues to
# upstream.
>=app-text/jabref-bin-4.0

# Hans de Graaff <graaff@gentoo.org> (05 Jun 2017)
# Bundles obsolete and vulnerable webkit version.
# Upstream has stopped development and recommends using
# headless mode in >=www-client/chromium-59.
# Masked for removal in 90 days. Bug #589994.
www-client/phantomjs
dev-ruby/poltergeist

# Michał Górny <mgorny@gentoo.org> (22 May 2017)
# for Maciej S. Szmigiero <mail@maciej.szmigiero.name>
# Any version above 5.100.138 breaks b43 driver in various ways.
# Also, b43 wiki page says to use 5.100.138. Bug #541080.
>=sys-firmware/b43-firmware-6.30.163.46

# Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>,
# Matthias Maier <tamiko@gentoo.org> (21 May 2017 and later updates)
# These old versions of toolchain packages (binutils, gcc, glibc) are no
# longer officially supported and are not suitable for general use. Using
# these packages can result in build failures (and possible breakage) for
# many packages, and may leave your system vulnerable to known security
# exploits.
# If you still use one of these old toolchain packages, please upgrade (and
# switch the compiler / the binutils) ASAP. If you need them for a specific
# (isolated) use case, feel free to unmask them on your system.
<sys-devel/gcc-5.4
<sys-libs/glibc-2.27
<sys-devel/binutils-2.30-r2
<sys-libs/binutils-libs-2.30-r2

# Michał Górny <mgorny@gentoo.org> (20 May 2017)
# Old versions of CUDA and their reverse dependencies. They do not
# support GCC 5+, and are really old.
# (updated 27 Dec 2017 with cuda < 8 because of gcc < 5 mask)
<dev-python/pycuda-2016
<dev-util/nvidia-cuda-sdk-8
<dev-util/nvidia-cuda-toolkit-8
net-wireless/cpyrit-cuda

# Mart Raudsepp <leio@gentoo.org> (16 Feb 2017)
# Old gstreamer 0.10 version, which is security vulnerable.
# Use gstreamer:1.0 with media-plugins/gst-plugins-libav
# instead (despite the name, it uses media-video/ffmpeg too).
# Please keep this mask entry until gstreamer:0.10 is still
# in tree or at least gets an affecting GLSA from bug 601354
# Bug #594878.
media-plugins/gst-plugins-ffmpeg

# Kent Fredric <kentnl@gentoo.org> (04 Feb 2017)
# Unsecure versions that have been only restored to tree
# to resolve compatibility problems with mail-filter/amavisd-new
# Use with caution due to these being removed for CVE-2016-1251
# Bug: #601144
# Bug: #604678
<dev-perl/DBD-mysql-4.41.0

# Michael Orlitzky <mjo@gentoo.org> (07 Jan 2017)
# This package has some dangerous quality and security issues, but
# people may still find it useful. It is masked to prevent accidental
# use. See bugs 603346 and 604998 for more information.
app-admin/amazon-ec2-init

# Robin H. Johnson <robbat2@gentoo.org> (05 Jan 2017)
# Masking for testing
=app-emulation/ganeti-2.16*
=app-emulation/ganeti-2.17*

# Michał Górny <mgorny@gentoo.org> (17 Nov 2016)
# New version masked for testing. It supports source-window buffer size
# over 2G but it 'currently performs 3-5% slower and has 1-2% worse
# compression'.
>=dev-util/xdelta-3.1.0

# Tim Harder <radhermit@gentoo.org> (03 Nov 2016)
# Masked for testing
=sys-fs/fuse-3*
=net-fs/sshfs-3*

# Denis Dupeyron <calchan@gentoo.org> (12 Sep 2016)
# Masked for testing, see bug #588894.
=x11-misc/light-locker-1.7.0-r1

# Andreas K. Hüttel <dilfridge@gentoo.org> (03 Apr 2016)
# Can exhaust all available memory depending on task
# but is made available for experts who heed this warning
# as newer versions produce different output. Contact
# the proxied maintainer Matthew Brewer <tomboy64@sina.cn>
# for questions.
<=media-gfx/slic3r-1.1.9999

# Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014)
# Masked for testing, presently fails upstream testsuite:
# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1
# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed.
# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1
# Lars Wendler <polynomial-c@gentoo.org> (25 Jan 2019)
# Also masked because of mostly incompatible license (AGPL-3)
=sys-libs/db-6.1*
=sys-libs/db-6.2*
=sys-libs/db-18.1*

# Ulrich Müller <ulm@gentoo.org> (15 Jul 2014)
# Permanently mask sys-libs/lib-compat and its reverse dependencies,
# pending multiple security vulnerabilities and QA issues.
# See bugs #515926 and #510960.
sys-libs/lib-compat
sys-libs/lib-compat-loki
games-action/mutantstorm-demo
games-action/phobiaii
games-fps/rtcw
games-fps/unreal
games-strategy/heroes3
games-strategy/smac

# Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014)
# Masked for proper testing. (Major updates in the code).
~dev-perl/PortageXS-0.2.12

# Matti Bickel <mabi@gentoo.org> (22 Apr 2014)
# Masked slotted lua for testing
# William Hubbs <williamh@gentoo.org> (07 Aug 2016)
# Taking this mask since Mabi is retired
# Rafael Martins <rafaelmartins@gentoo.org> (04 Dec 2016)
# Adding Lua 5.3 to mask
app-eselect/eselect-lua
=dev-lang/lua-5.1.5-r100
=dev-lang/lua-5.1.5-r101
=dev-lang/lua-5.1.5-r102
=dev-lang/lua-5.2.3
=dev-lang/lua-5.2.3-r1
=dev-lang/lua-5.2.3-r2
=dev-lang/lua-5.2.3-r3
=dev-lang/lua-5.3.3
=dev-lang/lua-5.3.3-r1
=dev-lang/lua-5.3.3-r2

# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012)
# Masked for testing since this is known to break nearly
# every reverse dependency wrt bug 407091
>=dev-lang/lua-5.2.0

# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Michael Weber <xmw@gentoo.org> (17 Jul 2013)
# Upstream next versions
# Michał Górny <mgorny@gentoo.org> (15 Mar 2019)
# No single unmasked version since.  Removal in 30 days.  Bug #671238.
>=sys-boot/raspberrypi-firmware-1_pre

# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-libs/cygwin
dev-util/mingw-runtime
dev-util/mingw64-runtime
dev-util/w32api
sys-libs/newlib
dev-embedded/avr-libc

# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008)
# Masking due to security bug #194607 and security bug #204067
games-fps/doom3
games-fps/doom3-cdoom
games-fps/doom3-chextrek
games-fps/doom3-data
games-fps/doom3-demo
games-fps/doom3-ducttape
games-fps/doom3-eventhorizon
games-fps/doom3-hellcampaign
games-fps/doom3-inhell
games-fps/doom3-lms
games-fps/doom3-mitm
games-fps/doom3-roe
games-fps/quake4-bin
games-fps/quake4-data
games-fps/quake4-demo

# <klieber@gentoo.org> (01 Apr 2004)
# The following packages contain a remotely-exploitable
# security vulnerability and have been hard masked accordingly.
#
# Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info
#
games-fps/unreal-tournament-goty
games-fps/unreal-tournament-strikeforce
games-fps/unreal-tournament-bonuspacks
games-fps/aaut