On 2024-09-24 21:42:23, Eli Schwartz wrote: > > Please do not disable the USE=ipv6, as that is *utterly* insane. It also > does approximately nothing. In packages which support this USE flag, > which is rare, it causes the code to use old, untested APIs which only > support ipv4, rather than new, tested APIs that support ipv4 and ipv6 > equally well while having the benefit of being stable, reliable and > efficient.
I think this greatly depends on the package. djbdns is fresh on my mind, and djbdns[ipv6] will pull in a massive third-party patch to add support for serving ipv6 records. The changes are so pervasive that (a) they required manually re-rolling several ipv4 security patches, and (b) may reintroduce some of the same security issues over ipv6, if nobody is filing CVEs against the patch. It's not clear-cut, but you can certainly argue that you're better off without USE=ipv6 if you're not serving ipv6 records. Pkgcheck has been warning about "bad" instances of USE=ipv6 for some time now. The longer the warning stays in place, the more packages we can expect to import some special useful meaning to it.
