Interesting how this backdoor can lead to an sshd compromise.
"openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma."
Presumably somebody is going back through all of this actor's commits back to 2021 to check for shenanigans?
On the other hand, that seems like a lot of work.
It's probably all good. 😬