Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn't Critical, Isn't Actively Exploited, and Even Red Hat's Distro Isn't Patching Yet

Dr. Roy Schestowitz

2022-11-01 20:14:48 UTC
Modified: 2022-11-01 22:33:28 UTC

Video download link | md5sum 8de27c8022d55f728a4d1c5eb55026e0 Irresponsible Misinformation About OpenSSL Creative Commons Attribution-No Derivative Works 4.0

Summary: Fuelling Microsoft-affiliated and sometimes Microsoft-funded "news" (noise) sites, Red Hat -- and to a lesser extent Fedora -- exaggerated the severity of bugs a week before their details' release (long and purposeless suspense); it's a case of a boy who cries "wolf!" to get "likes" in Twitter and media coverage that relies on nothing but lousy (inaccurate) "tweets", where fact-checking is impeded by NDAs/embargo

A few days ago we took note of the overhyped (mostly by Red Hat) impending patch for OpenSSL. Red Hat ended up slipping/changing the release date of Fedora, adding some more to the perceived danger, contributing to the scare, resulting in a week's worth of media misinformation like calling it "zero day" (even in headlines!). This irresponsible hype turns out to be have been outright disinformation (or at best misinformation) about the severity and it's worth noting that Red Hat is in no hurry to patch its most important products and there are no actively-exploited aspects; in other words, it is not "0-day" and there is no immediate rush to patch (in some cases there is no patch, either).

"We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already."The 8 URLs from the video are listed below in a logical order. To quote [4] below "Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?"

We perceive this to be a bit of a media blunder, taking informal "tweets" at face value and trying to compete over who produces the most scary headline/s for about a week already. ⬆

Links from the video above

Recent Techrights' Posts

EPO People Power - Part XXX - New Year Starts, Cocainegate Still Discussed a Lot, António Campinos Desperate for Distraction From It: Why the sudden change or 'generosity'? [...] Actual cocaine addicts caused nervous breakdowns among sober people
IBM and Microsoft Hiding Layoffs in Similar, Overlapping Ways: Performance Improvement Plans aplenty
IBM is a Cancer That Attaches Itself to Everything: Red Hat should have remained an independent company
Plot Twist: Microsoft MSN Relays Articles Hinting at or Pointing to Mass Layoffs Soon, Other Gossip: the narrative from Microsoft's "PR bunny" (Shaw) is showing mold already
'Vibe Coding' is Not "AI", It's a Sewer, It is Junk: Linus Torvalds was wrong. 'Vibe coding' isn't good for anything.
GNU/Linux May be Approaching 10% "Market Share" in Montenegro: The surge started around 2021
Links 10/01/2026: "Abolish ICE or GTFO", Calls to Ban X/Twitter From Apple/Google App Stores (or Implement National Blocks) Over MElon Turning It Into Non-consensual Deepfake Porn Site: Links for the day
2026 Might be the Year Microsoft Replaces Layoffs With Mass Firings (No Severance Payments to Dismissed Staff): It's hard to "see" PIPs unless insiders blow the whistle
Links 10/01/2026: STV Layoffs (Scottish TV), “CBS Evening News” in Chaos (Culls and Censorship by the US Regime): Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, January 09, 2026: IRC logs for Friday, January 09, 2026
Gemini Links 10/01/2026: Blackout, E-Waste, and Secondary Smartphone: Links for the day
Links 09/01/2026: Google and Character.AI Implicitly Accept Chatbots Kill Kids and GLP-1 ‘Slimming Pens’ Turn Out to be a Lot Worse Than Advertised: Links for the day
At IBM, "Employee Reviews" (or Appraisals in the UK) Are a "Trojan Horse" for RAs (Mass Layoffs), a Waste of Time: comments from IBMer serve to suggest that appraisals can be precursors
Links 09/01/2026: Technical Blogging Lessons Learned and Google's Gmail Getting a Lot Worse: Links for the day
More IBM Layoffs in India: If IBM cannot afford to retain workers in India, then something is truly "out of control" at IBM
Escaping GAFAM Colonialism Requires Homegrown Free Software: GNU/Linux now measured at 3% in Zambia
Dr. Richard Stallman Has Done No Harm to the GNU Project or the FSF (He Had Benefited Both, Always, Even After the Attacks on Him Began): Some people try to prevent Dr. Stallman from speaking or having a platform where many people can hear him
GNU/Linux at 4% in Saudi Arabia, Says statCounter: Some years ago Windows fell to a "market share" of just 11% there
Microsoft Isn't Denying the Mass Layoffs: Still silence from Microsoft
In Western Africa GNU/Linux Flirts With 5% Market Share: there's a gradual increase in GNU/Linux usage there
Gemini Links 09/01/2026: Pro1 X Repair and the Mercury Protocol: Links for the day
Links 09/01/2026: Cambodia and China Extradition, "NATO’s High-risk Patrols Near Ukraine": Links for the day
No, Microsoft Did Not Deny the Q1 Mass Layoffs (Microsoft Can Delay These): Maybe they disperse or delay the layoffs (changing plans), but the layoffs are going to happen
Only One Person in Charge of Fedora is Not IBM Staff: This is not a community project, it's just a way for IBM to onboard unpaid volunteers
This Is Not a Drill, GNU/Linux is Really Going 'Mainstream' on Laptops (and Desktops): It is important to explain to people software freedom
IBM Albany Layoffs: not only did many in the site lose their job; there's more to come "and likely another one in February" (weeks from now)
EPO Workers' Industrial Action to Include Many Strikes, to Last Several Months: In some ways, The Hague and Bavaria are becoming almost indistinguishable from Moscow
EPO People Power - Part XXIX - Getting DER SPIEGEL, FAZ, Deutschlandfunk and Sueddeutsche Zeitung (SZ) to Cover EPO Scandals: We kindly ask our readers to contact their local media and urge it to cover the scandals
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, January 08, 2026: IRC logs for Thursday, January 08, 2026
Gemini Links 08/01/2026: "New Year, Old Plans" and Alex's "Butlerian Jihad": Links for the day
LLM Slop About "Linux" Scarce and of Very Low Quality: At this rate, we reckon there may be one (or zero) per day by year's end
IBM's "Forever Layoffs" (to Bypass Warnings or Notices as Required by WARN Act): There is a bunch of speculations about when the next "major round" of RAs will be
Attempts to Undermine This Site's Latest Series Using Intimidation, Threats, and Presumptuous Accusations: threatening language is less effective when everyone is an alibi
Links 08/01/2026: "Golden Smartphone" Scam and Riseup Account Issues: Links for the day
Links 08/01/2026: Possible "Collapse of NATO Over Greenland"; Journalistic Malpractice and "US Voters Hate Slop": Links for the day
EPO People Power - Part XXVIII - A Sensitive Issue for Germany and The Netherlands: If Germans who read this series can communicate this to public officials or to their media, maybe they can strike a nerve and get the ball rolling
Age Discrimination at IBM Discussed Amid Mass Layoffs (Especially in the United States): Workers are anxious. Are they next to face the axe?
Gemini Links 08/01/2026: Potentiometer Calculator, Power Outages, Why You Should Abandon Discord for IRC (e.g. Ergo), and Formatting Gopher Posts: Links for the day
Links 08/01/2026: More Software Patents Squashed, White House Repeats Misinformation From the Kremlin: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 07, 2026: IRC logs for Wednesday, January 07, 2026