gentoo-overlay/profiles/package.mask

# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

####################################################################
#
# When you add an entry to the top of this file, add your name, the date
# in the UTC timezone, and an explanation of why something is getting masked.
# Please be extremely careful not to commit atoms that are not valid, as it can
# cause large-scale breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (2019-07-01)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (2019-07-01)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---

# Michał Górny <mgorny@gentoo.org> (2020-12-30)
# Unmaintained.  Entirely replaced by media-libs/libjpeg-turbo,
# to the point that reverse dependencies no longer build with
# media-libs/jpeg.  The two libraries are binary-incompatible,
# and the current method of switching between them is incorrect.
# Removal in 30 days.  Bug #762634.
media-libs/jpeg

# Hans de Graaff <graaff@gentoo.org> (2020-12-29)
# These slots masked for removal in 30 days due to
# security issues, bug 730786
# Use a newer slot instead.
dev-ruby/rack:2.0
dev-ruby/rack:2.1

# Sam James <sam@gentoo.org> (2020-12-29)
# ABI may have been broken in 8.3.0.
# Masking for now to avoid rebuilds from
# a subslot bump in case a new release occurs.
# bug 762241
=dev-libs/crypto++-8.3.0

# Jonas Stein <jstein@gentoo.org> (2020-12-29)
# Unusable without alsa.
# Masked for removal after 2021-02-01
# Bug #762361
media-sound/takcd

# Alfredo Tupone <tupone@gentoo.org> (2020-12-28)
# Masked for testing
>=dev-lang/tk-8.6.10
>=dev-lang/tcl-8.6.10

# Andreas Sturmlechner <asturm@gentoo.org> (2020-12-26)
# Dead upstream, only two revdeps.
# Masked for removal in 30 days.
media-libs/qt-gstreamer

# Andreas Sturmlechner <asturm@gentoo.org> (2020-12-26)
# Dead upstream, depends on dead media-libs/qt-gstreamer.
# If anyone is actually using this productively, *do tell*.
# Masked for removal in 30 days.
kde-apps/ktp-call-ui

# Andreas Sturmlechner <asturm@gentoo.org> (2020-12-26)
# Depends on deprecated dev-qt/qtwebkit, abandoned upstream.
# Alternatives: Plenty. media-sound/cantata, media-sound/clementine,
# media-sound/elisa, media-sound/strawberry, media-sound/yarock, ...
# Masked for removal in 30 days.
media-sound/tomahawk

# Andreas Sturmlechner <asturm@gentoo.org> (2020-12-26)
# Depends on deprecated dev-qt/qtwebkit, no maintainer, bug #688852.
# Masked for removal in 30 days.
media-video/smtube

# Andreas Sturmlechner <asturm@gentoo.org> (2020-12-26)
# Depends on deprecated dev-qt/qtwebkit, no maintainer, bug #709880.
# Alternatives: dev-python/weasyprint, xhtml2pdf (not packaged, bug #699356)
# Masked for removal in 30 days.
media-gfx/wkhtmltopdf

# Andrew Savchenko <bircoph@gentoo.org> (2020-12-26)
# All docs and socket library functionality are merged back into single
# app-admin/clsync package using USE="apidoc doc socket-library" starting
# from clsync-0.4.5.
# No reverse dependencies. Removal in 30 days.
<app-admin/clsync-0.4.5
app-doc/clsync-docs
dev-libs/libclsync

# Michał Górny <mgorny@gentoo.org> (2020-12-22)
# Renamed version of dev-python/pycryptodome.  The ebuild is missing
# fixes from the original.  Maintaining and installing two copies
# of the same thing makes little sense, so we're forcing the former
# everywhere.
# Removal in 14 days.
dev-python/pycryptodomex

# Eray Aslan <eras@gentoo.org> (2020-12-21)
# Vulnerable. upgrade to >= 2.3.11.3. Masked until
# mail-filter/dovecot_deleted_to_trash is treecleaned
# to prevent breaking the tree (bug #756217)
=net-mail/dovecot-2.2.36.4

# Michał Górny <mgorny@gentoo.org> (2020-12-20)
# Requires old dev-python/unidecode.  Last commit in 2017.  No revdeps.
# Suggested replacement: dev-python/python-slugify.
# Removal in 30 days.  Bug #714718.
dev-python/awesome-slugify

# Sergei Trofimovich <slyfox@gentoo.org> (2020-12-20)
# Needs a port to haskell-src-exts compatible with ghc-8.8.
# https://github.com/ndmitchell/derive/pull/37
dev-haskell/derive
app-forensics/quickfuzz

# Michał Górny <mgorny@gentoo.org> (2020-12-19)
# Made redundant by compiler-rt's crt implementation.  No revdeps left.
# Removal in 30 days.  Bug #760711.
sys-libs/netbsd-csu

# Mike Pagano <mpagano@gentoo.org> (2020-12-18)
# Serious data corruption bug when using F2FS,
# see https://bugzilla.kernel.org/show_bug.cgi?id=210765
# Feel free to manually unmask when not using F2FS.
=sys-kernel/gentoo-sources-5.10.0
=sys-kernel/gentoo-sources-5.10.1
=sys-kernel/vanilla-sources-5.10.1
=sys-kernel/vanilla-sources-5.10.0

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Unmaintained.  Last bumped in 2008.  Last upstream (beta) in 2014.
# The current Gentoo version fails to install.
# Removal in 30 days.  Bug #701044.
net-mail/vacation

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Unmaintained.  Homepage gone.  Last bumped in 2008.  Carries multiple
# patches.  Fails to build again.
# Removal in 30 days.  Bug #675364.
net-ftp/tlswrap

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Upstream gone.  Last bumped in 2007.  Fails to build, again.
# Removal in 30 days.  Bug #648964.
app-text/ots

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Unmaintained.  The current Gentoo version fails to build, it needs
# a version bump.
# Removal in 30 days.  Bug #669452.
net-misc/dhcpd-pools

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Unmaintained.  Last bumped in 2018.  Vulnerable.  No revdeps.
# Removal in 30 days.  Bug #736050.
dev-db/aerospike-server-community

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Abandoned upstream, circa 2013.  Vulnerable.  No revdeps.
# Removal in 30 days.  Bug #744217.
app-text/peg-markdown

# Michał Górny <mgorny@gentoo.org> (2020-12-18)
# Abandoned in 2008.  No reverse dependencies left.
# Removal in 30 days.  Bug #652192.
dev-libs/ustr

# Jack Todaro <solpeth@posteo.org> (2020-12-17)
# Old and redundant package. Has not been kept
# up to date and no longer works. Masked for removal.
sci-mathematics/agda-lib-ffi

# Eray Aslan <eras@gentoo.org> (2020-12-14)
# Dead. Last release in 2014. Only works with vulnerable dovecot version.
# Recent Outlook versions should have this functionality built in.  Switch to a
# better mail client if you are still using this package. Removal in 30 days.
# Bug #756217
mail-filter/dovecot_deleted_to_trash

# Michał Górny <mgorny@gentoo.org> (2020-12-13)
# Dead.  Last commit in 2014.  Does not work with modern versions
# of Sphinx.  No revdeps.  Alternative: dev-python/sphinx-issues.
# Removal in 30 days.  Bug #720066.
dev-python/sphinxcontrib-issuetracker

# Hans de Graaff <graaff@gentoo.org> (2020-12-12)
# Security issue with insecure use of /tmp, bug 743214
# This slot masked for removal in 30 days, use slot 2 instead.
dev-ruby/bundler:0

# David Seifert <soap@gentoo.org> (2020-12-11)
# Last MIT release in 2007, declared EOL by Intel in 2017.
# Build and test failures, abandoned parallelism paradigm,
# no revdeps. If you're really still using this, switch to
# OpenMP. Bug #572130, #643590, Removal in 30 days.
dev-lang/cilk

# Aisha Tammy <gentoo@aisha.cc> (2020-12-11)
# last update upstream in 2017, does not build.
# OpenMP is a better alternative.
# Bug #717692, #741594
# Removal in 30 days.
sci-libs/xkaapi

# Michał Górny <mgorny@gentoo.org> (2020-12-10)
# Synergy 2.0 was a beta branch, and it should have never been marked
# stable.  It never reached feature parity with 1.x, and upstream
# eventually abandoned it.  The users are asked to 'downgrade' to 1.x
# that is actively maintained.  The buggy 2.0.0 version will be removed
# in 30 days.
>=x11-misc/synergy-2

# Michał Górny <mgorny@gentoo.org> (2020-12-10)
# Stuck on LLVM 9.  Superseded by dev-util/cvise that features better
# parallelization and more acive development.
# Removal in 30 days.  Bug #735762.
dev-util/creduce

# Lars Wendler <polynomial-c@gentoo.org> (2020-12-09)
# Masked until most broken packages have been fixed (bug #732648)
>=sys-devel/autoconf-2.70
>=sys-devel/autoconf-wrapper-14

# Thomas Deutschmann <whissi@gentoo.org> (2020-12-08)
# Fails to validate certificates which have multiple trusted
# paths.
=net-libs/gnutls-3.7.0

# Joonas Niilola <juippis@gentoo.org> (2020-12-06)
# Not keyworded, unmaintained, unbuildable for a long time, EAPI-5.
# Removal in ~30 days. List sorted by their bug numbers.
# Bugs: #752432, #752435, #752438, #752441, #752444, #752453.
media-plugins/kodi-screensaver-crystalmorph
media-plugins/kodi-visualization-nastyfft
media-plugins/kodi-screensaver-rsxs
net-wireless/qradiolink
net-libs/liba53
app-emulation/qt-virt-manager

# Thomas Deutschmann <whissi@gentoo.org> (2020-11-24)
# Serious data corruption bug when using XFS, see https://www.spinics.net/lists/linux-xfs/msg47004.html
# Feel free to manually unmask when not using XFS.
=sys-kernel/gentoo-sources-5.9.10
=sys-kernel/gentoo-sources-5.9.9
=sys-kernel/gentoo-sources-5.4.79
=sys-kernel/gentoo-sources-5.4.78
=sys-kernel/gentoo-sources-4.19.159
=sys-kernel/gentoo-sources-4.19.158
=sys-kernel/gentoo-sources-4.14.208
=sys-kernel/gentoo-sources-4.14.207
=sys-kernel/gentoo-sources-4.9.245
=sys-kernel/gentoo-sources-4.9.244
=sys-kernel/pf-sources-5.9_p5
=sys-kernel/vanilla-sources-5.9.10
=sys-kernel/vanilla-sources-5.9.9
=sys-kernel/vanilla-sources-5.4.79
=sys-kernel/vanilla-sources-5.4.78
=sys-kernel/vanilla-sources-4.19.159
=sys-kernel/vanilla-sources-4.19.158
=sys-kernel/vanilla-sources-4.14.208
=sys-kernel/vanilla-sources-4.14.207
=sys-kernel/vanilla-sources-4.9.245
=sys-kernel/vanilla-sources-4.9.244
=sys-kernel/vanilla-kernel-5.9.10
=sys-kernel/vanilla-kernel-5.9.9
=sys-kernel/vanilla-kernel-5.4.79
=sys-kernel/vanilla-kernel-5.4.78
=sys-kernel/gentoo-kernel-5.9.10
=sys-kernel/gentoo-kernel-5.9.9
=sys-kernel/gentoo-kernel-5.4.79
=sys-kernel/gentoo-kernel-5.4.78
=sys-kernel/gentoo-kernel-bin-5.9.10-r1
=sys-kernel/gentoo-kernel-bin-5.9.10
=sys-kernel/gentoo-kernel-bin-5.9.9-r1
=sys-kernel/gentoo-kernel-bin-5.9.9
=sys-kernel/gentoo-kernel-bin-5.4.79-r1
=sys-kernel/gentoo-kernel-bin-5.4.79
=sys-kernel/gentoo-kernel-bin-5.4.78-r1
=sys-kernel/gentoo-kernel-bin-5.4.78

# Jonas Stein <jstein@gentoo.org> (2020-11-12)
# Adobe will stop distributing Flash Player after 2020-12-31.
# Masked for removal after 2020-12-31
# Bug #754192
www-plugins/adobe-flash

# Michał Górny <mgorny@gentoo.org> (2020-11-10)
# This old Kodi version requires vulnerable dev-python/pillow
# and prevents users from upgrading.  Masked for the time being.
# Bug #729672.
media-plugins/kodi-game-libretro-nestopia
media-plugins/kodi-game-libretro-dosbox

# Alexys Jacob <ultrabug@gentoo.org> (2020-11-09)
# Mask dev-db/mongodb versions which do not support python3 so we
# can move forward in cleaning python2 from tree. Bug #708954.
# We keep the ebuilds available since some of those versions are still
# supported by upstream. See: https://jira.mongodb.org/browse/SERVER-52687
<dev-db/mongodb-4.2.8

# Alfredo Tupone <tupone@gentoo.org> (2020-11-05)
# will be upgraded after new lua release
www-apps/liquid_feedback_frontend
www-apps/webmcp

# Georgy Yakovlev <gyakovlev@gentoo.org> (2020-10-30)
# broken acl handling, possible broken chattr handling
# needs more testing
# https://bugs.gentoo.org/751739
=sys-apps/opentmpfiles-0.3.1

# Stephan Hartmann <sultan@gentoo.org> (2020-12-06)
# Dev channel releases are only for people who
# are developers or want more experimental features
# and accept a more unstable release.
>=www-client/chromium-89

# Andreas Sturmlechner <asturm@gentoo.org> (2020-10-26)
# Historical metapackage that exists in slot 5 only for transition from KDE SC4.
# Masked for removal on 2021-08-31. Replaced by:
# emerge --noreplace kde-plasma/plasma-meta kde-apps/kde-apps-meta
kde-apps/kde-meta:5

# Andreas Sturmlechner <asturm@gentoo.org> (2020-10-26)
# Historical metapackage that exists in slot 5 only for transition from KDE SC4.
# Masked for removal on 2021-08-31. Replaced by:
# emerge --noreplace kde-plasma/plasma-meta kde-apps/kdecore-meta
kde-apps/kdebase-meta:5

# Azamat H. Hackimov <azamat.hackimov@gmail.com> (2020-10-06)
# 1.3.3 is broken and failing unittests for net-im/prosody. Bug #746782.
>=dev-lua/luaexpat-1.3.3

# Sam James <sam@gentoo.org> (2020-10-05)
# Masked for testing. New major versions of Guile
# often break reverse dependencies.
# Guile in Gentoo is not slotted, so let's be cautious.
# bug #705554, bug #689408.
>=dev-scheme/guile-3.0.4

# Ulrich Müller <ulm@gentoo.org> (2020-10-04)
# Version 1.11 introduced different startup conventions for the server
# which breaks the OpenRC init script. Bug #746227.
>=net-misc/tigervnc-1.11.0

# Michał Górny <mgorny@gentoo.org> (2020-09-25)
# PyPy3.7 alpha.  Known to break a few packages.  Masked until it
# matures more.
=dev-python/pypy3-7.3.2_p37*
=dev-python/pypy3-exe-7.3.2_p37*
=dev-python/pypy3-exe-bin-7.3.2_p37*
=dev-python/pypy3-7.3.3_p37*
=dev-python/pypy3-exe-7.3.3_p37*
=dev-python/pypy3-exe-bin-7.3.3_p37*

# Michał Górny <mgorny@gentoo.org> (2020-09-09)
# These packages (or package versions) still require Python 2.7.
# They are either dead upstream, their Python 3 porting efforts are
# not progressing or their maintainers are simply unresponsive.
# Please do not remove any packages from this list unless you actually
# port them to Python 3.
# Removal in 30 days.  Please find relevant bugs on tracker bug #694800.
games-strategy/0ad

# Arfrever Frehtes Taifersar Arahesis <arfrever.fta@gmail.com> (2020-09-01)
# Mismatched version (bug #695022). Masked to force upgrade to 2.0.4_pre20200306162733.
# (Mask should remain after ebuilds are deleted, until 2021-03-01 or
# until new upstream release with proper versioning.)
~app-i18n/sunpinyin-3.0.0_rc1
~app-i18n/ibus-sunpinyin-3.0.0_rc1
~app-i18n/scim-sunpinyin-3.0.0_rc1
~app-i18n/xsunpinyin-3.0.0_rc1

# Alfredo Tupone <tupone@gentoo.org> (2020-08-23)
# Ported to py3 but not yet released
# Masked to allow py2.7 removal
dev-lang/spark

# Alfredo Tupone <tupone@gentoo.org> (2020-08-16)
# Ported to py3.8 but not yet released
# Masked to allow py2.7 removal
dev-ada/langkit
dev-ada/libadalang
dev-ada/libadalang-tools
dev-ada/gps
dev-ada/gnatcoll-bindings
dev-ada/gnatcoll-db

# Mart Raudsepp <leio@gentoo.org> (2020-08-15)
# Development release, needs testing to ensure valac-0.50
# works for existing packages
>=dev-libs/vala-common-0.49
dev-lang/vala:0.50

# Michał Górny <mgorny@gentoo.org> (2020-07-28)
# Masked for the time being due to dep on LLVM 8.  Bug #720236.
<=dev-ada/gps-2019-r1

# Sam James <sam@gentoo.org> (2020-07-20)
# Serious security vulnerabilities, including
# remote code execution. Upstream have not yet
# made a stable release in response to numerous
# CVEs. Applying patches is not a workable
# solution for now because of the fragility
# of reverse dependencies.
# Indefinitely masking until we have a solution
# for this.
# bug #719084
# Furthermore, ntopng ebuilds depending directly on dev-lang/lua{,jit}
# must be migrated to lua eclasses before unmasking (bug #752777).
net-analyzer/ntopng
net-analyzer/pmacct
net-libs/nDPI

# Andreas K. Hüttel <dilfridge@gentoo.org> (2020-07-15)
# In preparation; do not use yet.
=dev-lang/perl-5.32*
~virtual/perl-Archive-Tar-2.360.0
~virtual/perl-autodie-2.320.0
~virtual/perl-Compress-Raw-Bzip2-2.93.0
~virtual/perl-Compress-Raw-Zlib-2.93.0
~virtual/perl-CPAN-2.270.0
~virtual/perl-DB_File-1.853.0
~virtual/perl-Devel-PPPort-3.570.0
~virtual/perl-Digest-MD5-2.550.100_rc
~virtual/perl-Dumpvalue-1.210.0
~virtual/perl-Encode-3.60.0
~virtual/perl-Exporter-5.740.0
~virtual/perl-ExtUtils-CBuilder-0.280.234
~virtual/perl-ExtUtils-MakeMaker-7.440.0
~virtual/perl-Filter-Simple-0.960.0
~virtual/perl-Getopt-Long-2.510.0
~virtual/perl-I18N-LangTags-0.440.0
~virtual/perl-IO-1.430.0
~virtual/perl-IO-Compress-2.93.0
~virtual/perl-IPC-Cmd-1.40.0
~virtual/perl-JSON-PP-4.40.0
~virtual/perl-Math-BigInt-1.999.818
~virtual/perl-Math-BigInt-FastCalc-0.500.900
~virtual/perl-Module-CoreList-5.202.6.200
~virtual/perl-Module-Load-Conditional-0.700.0
~virtual/perl-Module-Metadata-1.0.37
~virtual/perl-Net-Ping-2.720.0
~virtual/perl-parent-0.238.0
~virtual/perl-podlators-4.140.0
~virtual/perl-Pod-Simple-3.400.0
~virtual/perl-Safe-2.410.0
~virtual/perl-Scalar-List-Utils-1.550.0
~virtual/perl-Socket-2.29.0
~virtual/perl-Storable-3.210.0
~virtual/perl-Sys-Syslog-0.360.0
~virtual/perl-Term-ANSIColor-5.10.0
~virtual/perl-Test-Simple-1.302.175
~virtual/perl-Thread-Queue-3.140.0
~virtual/perl-threads-2.250.0
~virtual/perl-threads-shared-1.610.0
~virtual/perl-Time-HiRes-1.976.400
~virtual/perl-Time-Piece-1.340.100
~virtual/perl-Unicode-Normalize-1.270.0

# Mart Raudsepp <leio@gentoo.org> (2020-06-06)
# Meson port does not handle multilib yet and has issues
# regarding runstatedir (not using /run).
=net-misc/networkmanager-1.22*

# Georgy Yakovlev <gyakovlev@gentoo.org> (2020-03-27)
# Vulnerable old version of icedtea-web #711392
<dev-java/icedtea-web-1.8.4

# Eray Aslan <eras@gentoo.org> (2020-03-09)
# Mask experimental software
=mail-mta/postfix-3.6*

# Miroslav Šulc <fordfrog@gentoo.org> (2020-02-27)
# >=dev-java/ant-eclipse-ecj-4.10 depends on masked >=virtual/{jdk,jre}-11
# www-servers/tomcat:9 depends on masked dev-java/eclipse-ecj
>=dev-java/ant-eclipse-ecj-4.10
>=dev-java/eclipse-ecj-4.10
www-servers/tomcat:9

# Mart Raudsepp <leio@gentoo.org> (2020-02-16)
# Fails to automatically launch pipewire for me. Help welcome figuring it out.
net-misc/gnome-remote-desktop

# Stefan Strogin <steils@gentoo.org> (2020-02-12)
# Mask for testing revdeps.
>=dev-games/mygui-3.4.0

# Patrick McLean <chutzpah@gentoo.org> (2020-02-07)
# Mask until sys-libs/libxcrypt[system] is unmasked
>=virtual/libcrypt-2

# Mart Raudsepp <leio@gentoo.org> (2020-02-03)
# Needs news item, known breakages that need to be handled first, bug 698922
>=x11-libs/pango-1.43

# Andrew Ammerlaan <andrewammerlaan@riseup.net> (2020-01-26)
# Proxy Maintainers <proxy-maint@gentoo.org>
# v3.6.4 uses huge amounts of memory: Bug #705682
# v3.6.1 is the latest version without this issue
>=dev-libs/libsass-3.6.2

# Lars Wendler <polynomial-c@gentoo.org> (2019-11-14)
# Breaks archives containing relative paths
# when being called with --no-absolute-filenames
# https://bugs.gentoo.org/700020
=app-arch/cpio-2.13

# Lars Wendler <polynomial-c@gentoo.org> (2019-10-16)
# Depends on apache-2.2
dev-libs/OpenSRF

# Matt Turner <mattst88@gentoo.org> (2019-09-01)
# TeXmacs is the only remaining package in tree that requires guile-1.8, which
# is unsupported upstream. A TeXmacs port to Guile-2 has been in progress for a
# few years. Bug #436400
app-office/texmacs
<dev-scheme/guile-2

# Robin H. Johnson <robbat2@gentoo.org> (2019-07-08)
# Needs LOTS of testing, broke boot on my laptop in early attempts, maybe needs
# matching genkernel work?
>=sys-fs/lvm2-2.03

# Andreas Sturmlechner <asturm@gentoo.org> (2018-11-25)
# Masked per security vulnerability CVE-2018-14345, bug #661510
# Keeping it masked while users have unsolved issues with >0.15.0.
<x11-misc/sddm-0.18.0

# Andreas Sturmlechner <asturm@gentoo.org> (2018-10-07)
# Masked for more testing especially of reverse-deps.
>=dev-games/ogre-1.11.2

# Andreas K. Hüttel <dilfridge@gentoo.org> (2018-09-11)
# Mask transition ebuilds that were needed only for <glibc-2.26
# We will keep them in the tree as long as we have masked
# <glibc-2.26.
~net-libs/libnsl-0
~net-libs/rpcsvc-proto-0

# James Le Cuirot <chewi@gentoo.org> (2017-12-17)
# Java 11 is not yet fully supported on Gentoo. Packages cannot depend
# on it so these virtuals are not yet required. If you wish to use
# Java 11 then install openjdk-(jdk|jre)-bin directly.
virtual/jdk:11
virtual/jre:11

# Andreas K. Hüttel <dilfridge@gentoo.org> (2017-10-18)
# sys-devel/automake versions 1.4, 1.5, 1.6, 1.7, 1.8
# have known security vulnerabilities, are broken with
# recent Perl (>=5.26.0), and are not used by anything in
# the Gentoo repository. Please uninstall.
sys-devel/automake:1.4
sys-devel/automake:1.5
sys-devel/automake:1.6
sys-devel/automake:1.7
sys-devel/automake:1.8
sys-devel/automake:1.9
sys-devel/automake:1.10

# Nicolas Bock <nicolasbock@gentoo.org> (2017-10-31)
# There are multiple unresolved upstream issues with >=jabref-bin-4.0 (#636036).
# If you still would like to use this version, please report any issues to
# upstream.
>=app-text/jabref-bin-4.0

# Michał Górny <mgorny@gentoo.org> (2017-05-22)
# for Maciej S. Szmigiero <mail@maciej.szmigiero.name>
# Any version above 5.100.138 breaks b43 driver in various ways.
# Also, b43 wiki page says to use 5.100.138. Bug #541080.
>=sys-firmware/b43-firmware-6.30.163.46

# Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>,
# Matthias Maier <tamiko@gentoo.org> (2017-05-21 and later updates)
# These old versions of toolchain packages (binutils, gcc, glibc) are no
# longer officially supported and are not suitable for general use. Using
# these packages can result in build failures (and possible breakage) for
# many packages, and may leave your system vulnerable to known security
# exploits.
# If you still use one of these old toolchain packages, please upgrade (and
# switch the compiler / the binutils) ASAP. If you need them for a specific
# (isolated) use case, feel free to unmask them on your system.
<sys-libs/glibc-2.31-r6
<sys-devel/binutils-2.33.1-r1
<sys-devel/binutils-hppa64-2.33.1

# Michał Górny <mgorny@gentoo.org> (2017-05-20)
# Old versions of CUDA and their reverse dependencies. They do not
# support GCC 5+, and are really old.
# (updated 2017-12-27 with cuda < 8 because of gcc < 5 mask)
<dev-util/nvidia-cuda-sdk-8
<dev-util/nvidia-cuda-toolkit-8

# Michael Orlitzky <mjo@gentoo.org> (2017-01-07)
# This package has some dangerous quality and security issues, but
# people may still find it useful. It is masked to prevent accidental
# use. See bugs 603346 and 604998 for more information.
app-admin/amazon-ec2-init

# Michał Górny <mgorny@gentoo.org> (2016-11-17)
# New version masked for testing. It supports source-window buffer size
# over 2G but it 'currently performs 3-5% slower and has 1-2% worse
# compression'.
>=dev-util/xdelta-3.1.0

# Robin H. Johnson <robbat2@gentoo.org> (2014-08-04)
# Masked for testing, presently fails upstream testsuite:
# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1
# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed.
# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1
# Lars Wendler <polynomial-c@gentoo.org> (2019-01-25)
# Also masked because of mostly incompatible license (AGPL-3)
=sys-libs/db-6.1*
=sys-libs/db-6.2*
=sys-libs/db-18.1*

# Mikle Kolyada <zlogene@gentoo.org> (2014-06-27)
# Masked for proper testing. (Major updates in the code).
~dev-perl/PortageXS-0.2.12

# Mike Gilbert <floppym@gentoo.org> (2014-03-04)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Diego E. Pettenò <flameeyes@gentoo.org> (2009-01-03)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-util/mingw64-runtime
sys-libs/newlib
dev-embedded/avr-libc