If ssh is linked with libsystemd/liblzma, as is the case with Debian, `libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0` and `liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5`, then you should take a closer look at this! Debian stable for example is running `5.4.1`, which is fine, if you have sid enabled you are most likely affected. Just check your distributions for any news regarding this vulnerability. `libsystemd` can be linked to `liblzma`. So if you only have `libsystemd`, be on the safe side and check your distribution for news there too.
There are also scripts to test your system that can give you a false alarm on Arch, such as https://raw.githubusercontent.com/cyclone-github/scripts/main/xz_cve-2024-3094-detect.sh .
The latest version of Arch is 5.6.1-**2**, so still `5.6.1`, but without the security hole.