Bonum Certa Men Certa

Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn't Critical, Isn't Actively Exploited, and Even Red Hat's Distro Isn't Patching Yet

Video download link | md5sum 8de27c8022d55f728a4d1c5eb55026e0

Irresponsible Misinformation About OpenSSL

Creative Commons Attribution-No Derivative Works 4.0



Summary: Fuelling Microsoft-affiliated and sometimes Microsoft-funded "news" (noise) sites, Red Hat -- and to a lesser extent Fedora -- exaggerated the severity of bugs a week before their details were released (long and purposeless suspense); it's a case of a boy who cries "wolf!" to get "likes" on Twitter and media coverage that relies on nothing but lousy (inaccurate) "tweets", where fact-checking is impeded by NDAs/embargo.

A few days ago we took note of the overhyped (mostly by Red Hat) impending patch for OpenSSL. Red Hat ended up slipping/changing the release date of Fedora, adding to the perceived danger and contributing to the scare, which resulted in a week's worth of media misinformation such as calling it "zero day" (even in headlines!). This irresponsible hype turns out to have been outright disinformation (or at best misinformation) about the severity. It's worth noting that Red Hat is in no hurry to patch its most important products and that there are no actively-exploited aspects; in other words, it is not "0-day" and there is no immediate rush to patch (in some cases there is no patch, either).



The 8 URLs from the video are listed below in a logical order. To quote [4] below: "Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?"

We perceive this to be a bit of a media blunder: informal "tweets" were taken at face value, and outlets have been competing over who produces the scariest headline/s for about a week already.

Links from the video above



  1. OpenSSL 3.0 Series Release Notes
  2. Vulnerabilities list
  3. OpenSSL Security Advisory [01 November 2022]
  4. CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows
  5. Comments: OpenSSL Outlines Two High Severity Vulnerabilities
  6. OpenSSL 3.0.7 released
  7. OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
  8. OpenSSL 3.0.7 Fixes Two High-CVEs with Buffer Overflow
