Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn't Critical, Isn't Actively Exploited, and Even Red Hat's Distro Isn't Patching Yet

Dr. Roy Schestowitz

2022-11-01 20:14:48 UTC
Modified: 2022-11-01 22:33:28 UTC

Video download link | md5sum 8de27c8022d55f728a4d1c5eb55026e0 Irresponsible Misinformation About OpenSSL Creative Commons Attribution-No Derivative Works 4.0

Summary: Fuelling Microsoft-affiliated and sometimes Microsoft-funded "news" (noise) sites, Red Hat -- and to a lesser extent Fedora -- exaggerated the severity of bugs a week before their details' release (long and purposeless suspense); it's a case of a boy who cries "wolf!" to get "likes" in Twitter and media coverage that relies on nothing but lousy (inaccurate) "tweets", where fact-checking is impeded by NDAs/embargo

A few days ago we took note of the overhyped (mostly by Red Hat) impending patch for OpenSSL. Red Hat ended up slipping/changing the release date of Fedora, adding some more to the perceived danger, contributing to the scare, resulting in a week's worth of media misinformation like calling it "zero day" (even in headlines!). This irresponsible hype turns out to be have been outright disinformation (or at best misinformation) about the severity and it's worth noting that Red Hat is in no hurry to patch its most important products and there are no actively-exploited aspects; in other words, it is not "0-day" and there is no immediate rush to patch (in some cases there is no patch, either).

"We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already."The 8 URLs from the video are listed below in a logical order. To quote [4] below "Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?"

We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already. ⬆

Links from the video above

Recent Techrights' Posts

At the Root of the SLAPPs There Are Matters of GitHub Corruption and Microsoft Competition Crimes: Keep both eyes on the ball; this is about monopoly abuse and attempts to muzzle critics
Open Source Initiative (OSI) Privacy Fiasco in Detail: More on the Complaint, Which Also Points the Finger at Stefano Mafulli and Deb Nicholson: Focus on what they are attempting to distract from
"Linux" Foundation, Besieged by Microsoft, Isn't About Science But Against Science and Against Facts: (and for Microsoft Dogma, Microsoft Domination, Microsoft Money)
IBM Pays IDG's IDC to Market Proprietary Red Hat Enterprise Linux (RHEL) Under the Guise of "Research": Proprietary RHEL promoted by FUD (Fear, Uncertainty, Doubt or just plain fear-mongering)
Gemini Links 10/04/2025: "Secret of Happiness" and Overthinking POSSE: Links for the day
Gemini Links 11/04/2025: Microcosmographia Academica and Ada Language: Links for the day
Links 11/04/2025: "Getting Screamed At" and LLM Crawlers as Vandals Online: Links for the day
Links 11/04/2025: Microsoft Mass Layoffs Again, Zelensky Doubles Down on Claim That Many Chinese Are Fighting for Russia: Links for the day
Slopwatch: A Sea of LLM Slop About SparkyLinux, Kubernetes, Ubuntu, and Linux Kernel: Welcome to the future? The future of the Web?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 10, 2025: IRC logs for Thursday, April 10, 2025
Links 10/04/2025: NNCPNET Email Network, RSS Readers, and IRS as 'Immigration Enforcer': Links for the day
IBM Layoffs in Markham (Canada) Apparently Still Happening: "Still going on... Got laid off today. TEL Canada, Band 9, 19 years with IBM."
Links 10/04/2025: Fentanylware (TikTok) Perils and Internet Shutdown: Links for the day
Microsoft's "Linux" Foundation Pays Writers to Publish Propaganda and Then LLM Slop Sites (Slopfarms) Repeat the Propaganda, Using Microsoft LLMs: consider the latest LLM slop
Once You Slop You Can't Stop and If You're a Serial Slopper Nobody Will Believe You Really Wrote an Article (Even If You Did): It's a lot like, "if you're a serial liar people won't believe you even when you say some truth" (or "once a cheater, always a cheater")
Pressing Against SLAPPs (From Americans Who Strangle Women While Microsoft Pays Their Salaries) is a High Priority for Us: We also need to ensure that greedy firms/people that facilitate the SLAPPs get "disbarred" or "struck off"
Mozilla Firefox Already Down to 1% in Brazil: Don't people crave the surveillance and the slop?
Links 10/04/2025: Hardware, Politics, and Internet: Links for the day
Gemini Links 10/04/2025: Creativity and Agitation, Life in the USA, CSS Naked Day 2025: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 09, 2025: IRC logs for Wednesday, April 09, 2025
Alleged Layoffs at IBM Consulting in Australia: IBM loses many government contracts these days
The Rumours Were Likely True: Sixth Wave of Microsoft Mass Layoffs in 2025 (Days After "50" Anniversary and About 5,000 Layoffs): 5 hours ago, by Ashley Stewart
Malware in Proprietary Software - Latest Additions: Original by Free Software Foundation, Inc.
Links 09/04/2025: More Trade Wars and Wars, Chinese Army Troops Found Fighting in Ukraine: Links for the day
Linux Clickbait by Slop: Give it up for Brian Fagioli, the Serial Slopper
IBM and MCC: Layoffs Coming Again to Metro Connect Company Limited (MCC) as Tariffs Bite and IBM's Shares Fall: Blacklists applicable to Chinese suppliers also mean that IBM can no longer cooperate with key partners in Asia
Microsoft's Entire Premise for Its Future Existence Goes Up in Flames: 32 minutes ago
GNU/Linux on a High in Colombia: Stereotypes much?
Go Static: Please don't Go(lang) or JavaScript or PHP or...
Techrights Be Like...: K.I.S.S.
Gemini Links 09/04/2025: Autism, Cybersecurity, and LLMs Attacking Services Online: Links for the day
GNU/Linux Would be Measured at Over 5% Globally (by statCounter) Had the Data in India Not Been Changed: GNU/Linux grew a lot in many countries and has expanded since then
Keeping Track of Microsoft Layoffs in 2025: So here's a quick roundup of 2025
The Sixth Anniversary of the Lightweight Alternative to the Web (Gemini Protocol): Now 11 short of 3,000 active capsules. 65 short of 4,500 total.
Links 09/04/2025: Quartz Fires All Writers (Shutdown, LLM Slop or Slopfarm Instead), "Bitcoin Is Crashing Hard": Links for the day
People Are Sick of LLM Slop. Offer Them Alternatives.: We never used LLM slop for anything and we never will
Web Surveyor statCounter Sees Apple's macOS Falling From 5.6% to 3.6% in Two Months, It Might Soon be Smaller Than GNU/Linux: Apple's "value" (faked, exaggerated) is back to "pandemic times"
UK House of Lords Recognises the SLAPP Issue in the UK and EFF Pursues "Bill (That) Could Put A Stop To Censorship By Lawsuit" in the US: "A House of Lords inquiry into how the news industry can survive into the future has accused the government of “failing to prioritise” action on strategic lawsuits against public participation (SLAPPs)."
Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI: "LETTER SEEKING CLASS ACTION REPRESENTATION"
The Value of Slop, by Alexandre Oliva: Original by Alexandre Oliva
Gemini Links 09/04/2025: Neocities, Tinylogs, and Inter-community Protocols: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 08, 2025: IRC logs for Tuesday, April 08, 2025
You Can Be an A--hole to Women (Even Strangle Women) as Long as You Work for Microsoft: Recalling the Mark Shuttleworth origin story
Canonical is a Proprietary Software Reseller With a 'Debian Base': "Canonical Ubuntu" is just Debian with some proprietary things sold on top of it