Oddbean new post about | logout
 As far as I know It’s a very specific attack. You need to run a distribution that is rolling release _and_ uses the binary tarball of XZ while having the SSH system notify thing on. Its almost specifically sorts out Debian testing derivatives and Fedora.

For example, Arch has the infected binary but its SSH is not linked to it. NixOS will have the 5.6.1 version but its clean because they’ve built from source instead of using the published binaries.

But if you have something important running on those servers that got touched by those exploits its better to just wipe clean and redeploy those machines. 
 Correct. Kali was another one. Fedora rawhide, a few opensuse as well. No Debian or RHEL release