gentoo-overlay/profiles/package.mask

####################################################################
#
# When you add an entry to the top of this file, add your name, the date, and
# an explanation of why something is getting masked. Please be extremely
# careful not to commit atoms that are not valid, as it can cause large-scale
# breakage, especially if it ends up in the daily snapshot.
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (28 Jun 2012)
## # Masking  these versions until we can get the
## # v4l stuff to work properly again
## =media-video/mplayer-0.90_pre5
## =media-video/mplayer-0.90_pre5-r1
#
# - Best last rites (removal) practices -
# Include the following info:
# a) reason for masking
# b) bug # for the removal (and yes you should have one)
# c) date of removal (either the date or "in x days")
#
## Example:
##
## # Dev E. Loper <developer@gentoo.org> (23 May 2015)
## # Masked for removal in 30 days.  Doesn't work
## # with new libfoo. Upstream dead, gtk-1, smells
## # funny. (bug #987654)
## app-misc/some-package

#--- END OF EXAMPLES ---

# Miroslav Šulc <fordfrog@gentoo.org> (23 Jan 2019)
# Depends on >=virtual/{jdk,jre}-11 which is masked
=dev-java/ant-eclipse-ecj-4.10
=dev-java/eclipse-ecj-4.10
=www-servers/tomcat-9.0.14

# Ulrich Müller <ulm@gentoo.org> (19 Jan 2019)
# Last release in 1999, last visible upstream activity in 2011.
# Byte-compilation fails. Masked for removal in 30 days, bug #675814.
app-emacs/tdtd

# Zac Medico <zmedico@gentoo.org> (13 Jan 2019)
# Deprecated upstream. Use hack/tls-setup from the etcd source tree
# instead. Masked for removal in 30 days.
app-crypt/etcd-ca

# William Hubbs <williamh@gentoo.org> (13 Jan 2019)
# Multiple open bugs including build failures, dead upstream.
# Please see the following URL for instructions for migrating to grub 2.
# https://wiki.gentoo.org/wiki/GRUB2_Migration
# Removal on 1 Feb 2019 (bug #674364)
sys-boot/grub:0

# Sergei Trofimovich <slyfox@gentoo.org> (13 Jan 2019)
# Deprecated upstream. Use app-emulation/ganeti[htools] instead.
# Removal in 30 days, bug #675220.
app-emulation/ganeti-htools

# Brian Evans <grknight@gentoo.org> (11 Jan 2019)
# Mask PHP 7.0 for removal; EOL and known security issues
# Removal in 30 days
dev-lang/php:7.0
virtual/httpd-php:7.0

# Mikle Kolyada <zlogene@gentoo.org> (10 Jan 2019)
# Masked due to QA violation (bug #672054)
sci-electronics/librepcb

# Craig Andrews <candrews@gentoo.org> (1 Jan 2019)
# Requires dev-libs/openssl-1.1.1, Bug 674148
dev-libs/gost-engine

# Andreas Sturmlechner <asturm@gentoo.org> (31 Dec 2018)
# Superseded by www-client/falkon. Masked for removal in 30 days.
www-client/qupzilla

# Andreas Sturmlechner <asturm@gentoo.org> (31 Dec 2018)
# Package outdated for years, build errors, unable to trade with.
# Bugs 544800, 592946, 610736. Masked for removal in 30 days.
app-office/QtBitcoinTrader

# Andreas Sturmlechner <asturm@gentoo.org> (31 Dec 2018)
# Dead upstream since 2014-02-09, does not build.
# Bugs 463928, 476890, 623172, 662270. Masked for removal in 30 days.
net-misc/hotot

# Alon Bar-Lev <alonbl@gentoo.org> (30 Dec 2018)
# Upstream is dead.
# Package does not support openssl-1.1, significant change to package.
# Removal in 30 days
app-crypt/openssl-tpm-engine

# Lars Wendler <polynomial-c@gentoo.org> (28 Dec 2018)
# Masked while being tested and reverse deps aren't fully compatible
=dev-libs/openssl-1.1.1*

# Mike Gilbert <floppym@gentoo.org> (25 Dec 2018)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
>=www-client/chromium-73

# Andreas K. Hüttel <dilfridge@gentoo.org> (25 Dec 2018)
# Included in dev-tex/texlive-publishers-2017; there is no
# need for a separate package anymore. Removal in 30 days.
dev-tex/revtex

# Hanno Boeck <hanno@gentoo.org (23 Dec 2018)
# Needs new OpenSSL, should be unmasked together with
# OpenSSL 1.1.1
>=app-crypt/osslsigncode-2.0

# Jeroen Roovers <jer@gentoo.org> (14 Dec 2018)
# Deprecated short lived branches https://www.nvidia.com/object/unix.html
# Unsupported legacy branch 304 https://bugs.gentoo.org/669588
# See https://nvidia.custhelp.com/app/answers/detail/a_id/3142 for timelines on
# upstream support for various branches. File a bug report if you absolutely
# must use one of these ebuilds.
# Removal on or about 16 January 2019
=x11-drivers/nvidia-drivers-304*
=x11-drivers/nvidia-drivers-375*
=x11-drivers/nvidia-drivers-378*
=x11-drivers/nvidia-drivers-381*
=x11-drivers/nvidia-drivers-384*
=x11-drivers/nvidia-drivers-387*
=x11-drivers/nvidia-drivers-396*
<x11-base/xorg-server-1.20.3
<x11-base/xorg-drivers-1.20

# Zac Medico <zmedico@gentoo.org> (11 Dec 2018)
# A Go library which has no consumers except those that include
# it via EGO_VENDOR. Masked for removal in 30 days.
dev-go/sarama

# Thomas Deutschmann <whissi@gentoo.org> (10 Dec 2018)
# Requires >=dev-lang/lua-5.2 which is masked
>=app-admin/lsyncd-2.2.3

# Andreas Sturmlechner <asturm@gentoo.org> (25 Nov 2018)
# Masked per security vulnerability CVE-2018-14345, bug #661510
# Keeping it masked while users have unsolved issues with >0.15.0.
<x11-misc/sddm-0.18.0

# Sergei Trofimovich <slyfox@gentoo.org> (23 Nov 2018)
# New version breaks kernel compilation as objtool seemingly
# corrupts object files: bug #671760
>=dev-libs/elfutils-0.175

# Ian Stakenvicius <axs@gentoo.org> (07 Nov 2018)
# on behalf of Mozilla Project <mozilla@gentoo.org>
# Mask old/vuln thunderbird for removal by 2019,
# see security bug 670102
<mail-client/thunderbird-60.0
<mail-client/thunderbird-bin-60.0

# Brian Evans <grknight@gentoo.org> (05 Nov 2018)
# Causes a dependency loop in the OpenRC script. Bug #651998
=sys-fs/cryptsetup-2.0.5-r1

# Andreas Sturmlechner <asturm@gentoo.org> (03 Nov 2018)
# Breaks revdeps (GDir and GDirEntry split from gfile.h into new gdir.h)
# See tracker: https://bugs.gentoo.org/670222
>=app-text/poppler-0.71.0

# Pacho Ramos <pacho@gentoo.org> (01 Nov 2018)
# All this packages are broken and need major version bumps to fix them. See
# bug #504114, #486510, #510550, #511096, #517260, #551784, #616490, #
net-voip/linphone
net-libs/libeXosip
net-libs/libosip

# Aaron W. Swenson <titanofold@gentoo.org> (25 Oct 2018)
# Fails to build against up to date OpenSSL library (Bug 663966). No longer
# supported upstream. Use dev-db/pgadmin4.
# Masked for removal on 2018-11-24, bug #669650.
dev-db/pgadmin3

# Lars Wendler <polynomial-c@gentoo.org> (22 Oct 2018)
# Breaks dev-libs/gobject-introspection and its consumers
# See #669278
=xfce-base/xfconf-4.13.6

# Thomas Deutschmann <whissi@gentoo.org> (12 Oct 2018)
# EOL and has known vulnerabilities. Please move to
# Firefox 60 or newer if you can.
<www-client/firefox-60
<www-client/firefox-bin-60

# Sergei Trofimovich <slyfox@gentoo.org> (09 Oct 2018)
# Upstream is not actively maintained. Needs a port to mupdf-1.14.
app-text/fbpdf

# Andreas Sturmlechner <asturm@gentoo.org> (07 Oct 2018)
# Masked for more testing especially of reverse-deps.
>=dev-games/ogre-1.11.2

# Mart Raudsepp <leio@gentoo.org> (06 Oct 2018)
# Netspeed applet moved into mate-base/mate-applets since v1.14,
# use that instead. Bug #667910
net-analyzer/mate-netspeed

# Thomas Deutschmann <whissi@gentoo.org> (06 Oct 2018)
# Outdated and vulnerable snapshot; libav-12.3 is the better
# version for now
=media-video/libav-13_pre20171219

# Michał Górny <mgorny@gentoo.org> (24 Sep 2018)
# Apparently breaks sys-devel/gcc.  Bug #666954.
=dev-util/debugedit-4.14.2

# Andreas K. Hüttel <dilfridge@gentoo.org> (11 Sep 2018)
# Mask transition ebuilds that were needed only for <glibc-2.26
# We will keep them in the tree as long as we have masked
# <glibc-2.26.
~net-libs/libnsl-0
~net-libs/rpcsvc-proto-0

# Matthias Maier <tamiko@gentoo.org> (1 Sep 2018)
# Mask 0.7.0 and  1.0.1 for the time being until a compatible LLVM version
# made it into the tree, bug #665192
~dev-lang/julia-1.0.3

# Bernard Cafarelli <voyageur@gentoo.org> (13 Aug 2018)
# Beta release with new features, masked for testing
=app-text/tesseract-4.0.0_beta*

# Michał Górny <mgorny@gentoo.org> (01 Aug 2018)
# Multiprocessing versions of gemato.  They are known to hang on some
# users, so let's keep them masked until somebody figures out what's
# wrong.  Bug #647964.
~app-portage/gemato-14.0m
~app-portage/gemato-9999m

# Kent Fredric <kentnl@gentoo.org> (27 May 2018)
# Subject to Man-in-the-middle security bypass vulnerability.
# Retained in tree only for users who need older versions
# for compatibility reasons.
# Bug: #623942
<dev-perl/DBD-mysql-4.44.0

# Matt Turner <mattst88@gentoo.org> (25 May 2018)
# New package. Needs to interact with media-libs/mesa and
# x11-drivers/nvidia-drivers. Work in progress.
media-libs/libglvnd

# Aaron Bauman <bman@gentoo.org> (30 Apr 2018)
# Masked for testing
=dev-libs/libressl-2.7*
=dev-libs/libressl-2.8*
=dev-libs/libressl-2.9*

# Brian Evans <grknight@gentoo.org> (20 Apr 2018)
# Likely to break a lot of software
# Masked for initial testing
>=dev-db/mysql-connector-c++-8.0.0

# Eray Aslan <eras@gentoo.org> (08 Feb 2018)
# Mask experimental software
=mail-mta/postfix-3.4*

# Eray Aslan <eras@gentoo.org> (22 Jan 2018)
# Vulnerable - see https://bugs.gentoo.org/630684
# Please migrate to cyrus-imapd-3.0 releases
=net-mail/cyrus-imapd-2.5*

# Thomas Beierlein <tomjbe@gentoo.org> (23 Dec 2017)
# To adapt to changed version naming by upstream
# (pcb-yyyymmdd to pcb-x.y.z) we move the ebuild to
# pcb-0_pyyyymmdd and mask >=pcb-20000000.
# Do not remove the mask until newer version gets stable
>=sci-electronics/pcb-20000000

# James Le Cuirot <chewi@gentoo.org> (17 Dec 2017)
# Java 9+ is not yet fully supported on Gentoo. Packages cannot depend
# on it so these virtuals are not yet required. If you wish to use
# Java 9+ then install oracle-(jdk|jre)-bin or openjdk(-bin) directly.
virtual/jdk:11
virtual/jre:11

# Andreas K. Hüttel <dilfridge@gentoo.org> (18 Oct 2017)
# sys-devel/automake versions 1.4, 1.5, 1.6, 1.7, 1.8
# have known security vulnerabilities, are broken with
# recent Perl (>=5.26.0), and are not used by anything in
# the Gentoo repository. Please uninstall.
sys-devel/automake:1.4
sys-devel/automake:1.5
sys-devel/automake:1.6
sys-devel/automake:1.7
sys-devel/automake:1.8

# Kent Fredric <kentnl@gentoo.org> (11 Oct 2017)
# This package should now be provided entirely by dev-lang/perl,
# stable perl 5.24 provides Unicode-Collate-1.140.0
# testing perl 5.26 provides Unicode-Collate-1.190.0
# This should only be unmasked if you're locking to perl-5.24 and need
# a newer version of virtual/perl-Unicode-Collate
# If you're upgrading to perl-5.26, please do:
#   emerge -C perl-core/Unicode-Collate
# See bug #634040
<perl-core/Unicode-Collate-1.190.0-r99

# Patrice Clement <monsieurp@gentoo.org> (09 Sep 2017)
# Python 3 port is almost complete with version 0.6.0. Users might run into
# minor bumps here and there which is why the mask is still in place for the
# time being.
>=dev-java/javatoolkit-0.6.0

# Gilles Dartiguelongue <eva@gentoo.org> (04 Sep 2017)
# Incompatible changes in API in Enchant 2. Bug #629838.
>=app-text/enchant-2

# Gilles Dartiguelongue <eva@gentoo.org> (2 Sep 1017)
# Gnome 3.26 package mask
>=app-text/libgepub-0.5

# Sébastien Fabbro <bicatali@gentoo.org> (19 Aug 2017)
# ipython-6 is python-3 only and causes circular dependencies
# Unset python_targets_python2_7 for ipykernel and ipyparallel if needed.
>=dev-python/ipython-6

# Kent Fredric <kentnl@gentoo.org> (21 Jul 2017)
# Masked due to serious regression that introduces widespread data
# corruption when storing data in blobs. Masked, because any code
# that is written to use this version is now dependent on this version
# and older versions will corrupt your code instead.
# However, any existing packages should not use this version.
# See: https://github.com/perl5-dbi/DBD-mysql/issues/117
=dev-perl/DBD-mysql-4.42.0

# Nicolas Bock <nicolasbock@gentoo.org> (17 Jul 2017)
# Keep shotwell development series masked.
>=media-gfx/shotwell-0.29

# Nicolas Bock <nicolasbock@gentoo.org> (31 Oct 2017)
# There are multiple unresolved upstream issues with >=jabref-bin-4.0 (#636036).
# If you still would like to use this version, please report any issues to
# upstream.
>=app-text/jabref-bin-4.0

# Hans de Graaff <graaff@gentoo.org> (05 Jun 2017)
# Bundles obsolete and vulnerable webkit version.
# Upstream has stopped development and recommends using
# headless mode in >=www-client/chromium-59.
# Masked for removal in 90 days. Bug #589994.
www-client/phantomjs
dev-ruby/poltergeist

# Michał Górny <mgorny@gentoo.org> (22 May 2017)
# for Maciej S. Szmigiero <mail@maciej.szmigiero.name>
# Any version above 5.100.138 breaks b43 driver in various ways.
# Also, b43 wiki page says to use 5.100.138. Bug #541080.
>=sys-firmware/b43-firmware-6.30.163.46

# Michał Górny <mgorny@gentoo.org>, Andreas K. Hüttel <dilfridge@gentoo.org>,
# Matthias Maier <tamiko@gentoo.org> (21 May 2017 and later updates)
# These old versions of toolchain packages (binutils, gcc, glibc) are no
# longer officially supported and are not suitable for general use. Using
# these packages can result in build failures (and possible breakage) for
# many packages, and may leave your system vulnerable to known security
# exploits.
# If you still use one of these old toolchain packages, please upgrade (and
# switch the compiler / the binutils) ASAP. If you need them for a specific
# (isolated) use case, feel free to unmask them on your system.
<sys-devel/gcc-5.4
<sys-libs/glibc-2.27
<sys-devel/binutils-2.30-r2
<sys-libs/binutils-libs-2.30-r2

# Michał Górny <mgorny@gentoo.org> (20 May 2017)
# Old versions of CUDA and their reverse dependencies. They do not
# support GCC 5+, and are really old.
# (updated 27 Dec 2017 with cuda < 8 because of gcc < 5 mask)
<dev-python/pycuda-2016
<dev-util/nvidia-cuda-sdk-8
<dev-util/nvidia-cuda-toolkit-8
net-wireless/cpyrit-cuda

# Mart Raudsepp <leio@gentoo.org> (16 Feb 2017)
# Old gstreamer 0.10 version, which is security vulnerable.
# Use gstreamer:1.0 with media-plugins/gst-plugins-libav
# instead (despite the name, it uses media-video/ffmpeg too).
# Please keep this mask entry until gstreamer:0.10 is still
# in tree or at least gets an affecting GLSA from bug 601354
# Bug #594878.
media-plugins/gst-plugins-ffmpeg

# Kent Fredric <kentnl@gentoo.org> (04 Feb 2017)
# Unsecure versions that have been only restored to tree
# to resolve compatibility problems with mail-filter/amavisd-new
# Use with caution due to these being removed for CVE-2016-1251
# Bug: #601144
# Bug: #604678
<dev-perl/DBD-mysql-4.41.0

# Michael Orlitzky <mjo@gentoo.org> (07 Jan 2017)
# This package has some dangerous quality and security issues, but
# people may still find it useful. It is masked to prevent accidental
# use. See bugs 603346 and 604998 for more information.
app-admin/amazon-ec2-init

# Robin H. Johnson <robbat2@gentoo.org> (05 Jan 2017)
# Masking for testing
=app-emulation/ganeti-2.16*
=app-emulation/ganeti-2.17*

# Michał Górny <mgorny@gentoo.org> (17 Nov 2016)
# New version masked for testing. It supports source-window buffer size
# over 2G but it 'currently performs 3-5% slower and has 1-2% worse
# compression'.
>=dev-util/xdelta-3.1.0

# Tim Harder <radhermit@gentoo.org> (03 Nov 2016)
# Masked for testing
=sys-fs/fuse-3*
=net-fs/sshfs-3*

# Denis Dupeyron <calchan@gentoo.org> (12 Sep 2016)
# Masked for testing, see bug #588894.
=x11-misc/light-locker-1.7.0-r1

# Andreas K. Hüttel <dilfridge@gentoo.org> (03 Apr 2016)
# Can exhaust all available memory depending on task
# but is made available for experts who heed this warning
# as newer versions produce different output. Contact
# the proxied maintainer Matthew Brewer <tomboy64@sina.cn>
# for questions.
<=media-gfx/slic3r-1.1.9999

# James Le Cuirot <chewi@gentoo.org> (07 Feb 2016)
# Masked until 2.0 final arrives, which hopefully won't depend on
# commons-dbcp:0 as that requires Java 6. Note that the 2.0 in the
# tree should have actually been 2.0_beta1. There are no revdeps.
# Michał Górny <mgorny@gentoo.org> (01 Dec 2018)
# Removal in 14 days.  Bug #671240.
dev-java/jcs

# Andrey Grozin <grozin@gentoo.org> (03 Dec 2018)
# Masked since 2016.
# Removal in 30 days. Bug #671242.
=sci-mathematics/reduce-20110414-r1

# Robin H. Johnson <robbat2@gentoo.org> (04 Aug 2014)
# Masked for testing, presently fails upstream testsuite:
# FAIL:07:02:35 (00:00:00) db_dump/db_load(./TESTDIR.3/recd001.db:child killed: kill signal): expected 0, got 1
# FAIL:07:02:35 (00:00:00) Dump/load of ./TESTDIR.3/recd001.db failed.
# FAIL:07:02:35 (00:00:00) db_verify_preop: expected 0, got 1
=sys-libs/db-6.1*
=sys-libs/db-6.2*

# Ulrich Müller <ulm@gentoo.org> (15 Jul 2014)
# Permanently mask sys-libs/lib-compat and its reverse dependencies,
# pending multiple security vulnerabilities and QA issues.
# See bugs #515926 and #510960.
sys-libs/lib-compat
sys-libs/lib-compat-loki
games-action/mutantstorm-demo
games-action/phobiaii
games-fps/rtcw
games-fps/unreal
games-strategy/heroes3
games-strategy/smac

# Mikle Kolyada <zlogene@gentoo.org> (27 Jun 2014)
# Masked for proper testing. (Major updates in the code).
~dev-perl/PortageXS-0.2.12

# Matti Bickel <mabi@gentoo.org> (22 Apr 2014)
# Masked slotted lua for testing
# William Hubbs <williamh@gentoo.org> (07 Aug 2016)
# Taking this mask since Mabi is retired
# Rafael Martins <rafaelmartins@gentoo.org> (04 Dec 2016)
# Adding Lua 5.3 to mask
app-eselect/eselect-lua
=dev-lang/lua-5.1.5-r100
=dev-lang/lua-5.1.5-r101
=dev-lang/lua-5.1.5-r102
=dev-lang/lua-5.2.3
=dev-lang/lua-5.2.3-r1
=dev-lang/lua-5.2.3-r2
=dev-lang/lua-5.2.3-r3
=dev-lang/lua-5.3.3
=dev-lang/lua-5.3.3-r1
=dev-lang/lua-5.3.3-r2

# Samuli Suominen <ssuominen@gentoo.org> (06 Mar 2012)
# Masked for testing since this is known to break nearly
# every reverse dependency wrt bug 407091
>=dev-lang/lua-5.2.0

# Mike Gilbert <floppym@gentoo.org> (04 Mar 2014)
# Dev channel releases are only for people who are developers or want more
# experimental features and accept a more unstable release.
www-plugins/chrome-binary-plugins:unstable

# Michael Weber <xmw@gentoo.org> (17 Jul 2013)
# Upstream next versions
>=sys-boot/raspberrypi-firmware-1_pre

# Diego E. Pettenò <flameeyes@gentoo.org> (03 Jan 2009)
# These packages are not supposed to be merged directly, instead
# please use sys-devel/crossdev to install them.
dev-libs/cygwin
dev-util/mingw-runtime
dev-util/mingw64-runtime
dev-util/w32api
sys-libs/newlib
dev-embedded/avr-libc

# Chris Gianelloni <wolf31o2@gentoo.org> (03 Mar 2008)
# Masking due to security bug #194607 and security bug #204067
games-fps/doom3
games-fps/doom3-cdoom
games-fps/doom3-chextrek
games-fps/doom3-data
games-fps/doom3-demo
games-fps/doom3-ducttape
games-fps/doom3-eventhorizon
games-fps/doom3-hellcampaign
games-fps/doom3-inhell
games-fps/doom3-lms
games-fps/doom3-mitm
games-fps/doom3-roe
games-fps/quake4-bin
games-fps/quake4-data
games-fps/quake4-demo

# <klieber@gentoo.org> (01 Apr 2004)
# The following packages contain a remotely-exploitable
# security vulnerability and have been hard masked accordingly.
#
# Please see https://bugs.gentoo.org/show_bug.cgi?id=44351 for more info
#
games-fps/unreal-tournament-goty
games-fps/unreal-tournament-strikeforce
games-fps/unreal-tournament-bonuspacks
games-fps/aaut