![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://lemmy.world/pictrs/image/f9a8b510-447c-4102-8d49-d3580b717ab8.png)
Each distribution is different but Arch has stated that they did have the exploit artifact in their version of xz but the artifact was not loaded into memory with sshd as their process does not link sshd with liblzma library.
More details below but highly recommend upgrade/downgrade anyways to remove the exploit code version.
https://archlinux.org/news/the-xz-package-has-been-backdoored/
Perhaps they should ask Copilot how their templating system works.