xz security issue ? (CVE-2024-3094)

From: mike tancsa <mike_at_sentex.net>
Date: Fri, 29 Mar 2024 18:22:52 UTC
 From the redhat advisory,

What is the malicious code?
The malicious injection present in the xz versions 5.6.0 and 5.6.1 
libraries is obfuscated and only included in full in the download 
package - the Git distribution lacks the M4 macro that triggers the 
build of the malicious code. The second-stage artifacts are present in 
the Git repository for the injection during the build time, in case the 
malicious M4 macro is present.

The resulting malicious build interferes with authentication in sshd via 
systemd.  SSH is a commonly used protocol for connecting remotely to 
systems, and sshd is the service that allows access. Under the right 
circumstances this interference could potentially enable a malicious 
actor to break sshd authentication and gain unauthorized access to the 
entire system remotely.

Is there any exposure to this on FreeBSD ?

     ---Mike