The output of the recent portage sync looks suspicious. Specifically, all profiles from 2Q-2005 up to 1Q-2012 have been updated. This doesn't happen in a usual sync of the portage tree.

My concern is that the mirror(s) may have been compromised, and that the portage tree available on this mirror(s) is not the official portage tree, i.e. it may include wrong Manifest files and wrong SRC_URI paths in ebuilds.

Other people have encountered the above problem as well. See, for example,
http://forums.gentoo.org/viewtopic-t-911096.html. 

Previous `emerge --sync` was done on Friday, January 27th, 2012.
Suspicious `portage --sync` was done on Friday, February 3rd, 2012.

Would you confirm if the tree was compromised or the 'suspicious' update is what should have happened?


Reproducible: Always

Steps to Reproduce:
1. Run `emerge --sync` on a system with a week-old portage tree (or older).
2. Observe that all profiles in the range 2Q-2005 ... 1Q-2012 have been updated.
Actual Results:  
All profiles in the range 2Q-2005 ... 1Q-2012 have been updated.

Expected Results:  
Only recent (1Q-2012) profile is updated.

Portage 2.1.10.44 (default/linux/amd64/10.0/desktop, gcc-4.5.3, glibc-2.13-r4, 3.2.1-gentoo-r2 x86_64)
=================================================================
System uname: Linux-3.2.1-gentoo-r2-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T5550_@_1.83GHz-with-gentoo-2.0.3
Timestamp of tree: Fri, 03 Feb 2012 22:45:01 +0000
ccache version 3.1.6 [enabled]
app-shells/bash:          4.1_p9
dev-java/java-config:     2.1.11-r3
dev-lang/python:          2.7.2-r3, 3.1.4-r3
dev-util/ccache:          3.1.6
dev-util/cmake:           2.8.6-r4
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.0.3
sys-apps/openrc:          0.9.8.2
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.68
sys-devel/automake:       1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:       2.21.1-r1
sys-devel/gcc:            4.5.3-r1
sys-devel/gcc-config:     1.4.1-r1
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r1
sys-kernel/linux-headers: 3.2 (virtual/os-headers)
sys-libs/glibc:           2.13-r4
Repositories: gentoo anaximander
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA AdobeFlash-10 AdobeFlash-10.1 dlj-1.1 Oracle-BCLA-JavaSE"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=core2 -O2"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=core2 -O2"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs ccache distlocks ebuild-locks fixlafiles news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://gentoo.netnitco.net http://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://gentoo.mirrors.tds.net/gentoo"
LANG="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en ru"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/anaximander"
SYNC="rsync://rsync.ca.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi alsa amd64 amr arts berkdb bluetooth branding bzip2 cairo cdda cdr cli consolekit cracklib crypt cups cxx dbus dri dri2 dts dvd dvdr emboss encode eselect exif fam firefox flac fortran gdbm gdu gif gnome gpm gtk hal iconv ipv6 java jpeg kde lcms ldap libnotify lm_sensors mad mikmod mmx mng modules mp3 mp4 mpeg mudflap multilib mysql ncurses nls nptl nptlonly ogg opengl openmp pam pango pcre pdf pmu png policykit ppds pppd python qt3support qt4 readline sdl session spell sql sse sse2 ssl startup-notification svg sysfs tcpd tiff truetype udev unicode usb utf8 v4l v4l2 vorbis webkit x264 xcb xcomposite xml xorg xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse synaptics evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en ru" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel mesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS