this post was submitted on 30 Mar 2024
302 points (89.5% liked)

Memes

45584 readers
1196 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 33 points 7 months ago

If you use Arch, you aren't really affected. As far as we know, the backdoor only affects SSH if it is linked against liblzma, which is a requirement for libsystemd. However, Arch doesn't use that, so SSH has probably been safe. However, you should still update, because we don't know if the backdoor could've been used in other ways.

Note that if you update, xz 5.6.1-2 will be installed. This is a safe version. However, if you run xz --version, it will still report version 5.6.1.