this post was submitted on 30 Mar 2024
298 points (89.4% liked)
Memes
45734 readers
450 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If you use Arch, you aren't really affected. As far as we know, the backdoor only affects SSH if it is linked against liblzma, which is a requirement for libsystemd. However, Arch doesn't use that, so SSH has probably been safe. However, you should still update, because we don't know if the backdoor could've been used in other ways.
Note that if you update, xz 5.6.1-2 will be installed. This is a safe version. However, if you run
xz --version
, it will still report version 5.6.1.