media-libs/lcms:0 is unmaintained, has seen no releases since 2009, and (according to upstream) is affected by unspecified serious security issues. Please * either upgrade your package to use media-libs/lcms:2, * or hard-disable an optional dependency on media-libs/lcms:0, * or mask your package for removal. Thank you!
It turns out that CrossOver 12.5.0 switched to media-libs/lcms:2, but I did not notice. Consequently, the dependency is wrong for 12.5.0 and later with the fix being to fix the bad dependency. Unfortunately, 12.2.y does use media-libs/lcms:0. The only binary in wine that uses it is /opt/cxoffice/lib/wine/mscms.dll.so. There are references to it in other places, but that is just packaging information and /opt/cxoffice/bin/cxdiag, which just checks for the presence of the library, but does not actually use it. Since wine libraries seek to emulate Windows libraries, it is generally possible to swap them between versions. We could probably prebuild a replacement from a newer version of wine. My time is stretched extremely thin, so until I find time to backport a mscms.dll.so relacement and possibly also binary patch cxdiag, I am going to mask <app-emulation-12.5.0 and fix the dependencies on >=app-emulation-12.5.0. Commits have been made to do this.
Thanks. Remaining lmcs:0 packages are also going to be masked for security reasons, so you're on the right track.
lcms:0 is going away this weekend...
+ 07 Mar 2015; Andreas K. Huettel <dilfridge@gentoo.org> + -crossover-bin-12.1.2-r2.ebuild, -crossover-bin-12.2.0-r2.ebuild, + -crossover-bin-12.2.1-r2.ebuild, -crossover-bin-12.2.2-r1.ebuild: + Drop old versions, see bug 526806 +
