• flying_sheep@lemmy.ml
    link
    fedilink
    arrow-up
    12
    ·
    8 months ago

    No, read the link you posted:

    Arch does not directly link openssh to liblzma, and thus this attack vector is not possible. You can confirm this by issuing the following command:

    ldd "$(command -v sshd)"
    

    However, out of an abundance of caution, we advise users to remove the malicious code from their system by upgrading either way.