Reply to post: Be nice if they could make it secure *and reliable*

GRUB2, you're getting too bug for your boots: Config file buffer overflow is a boon for malware seeking to drill deeper into a system

mderouss

Be nice if they could make it secure *and reliable*

So I installed a GRUB update today on my 20.04 Ubuntu box. I'm not certain it covered CVE-2020-10713, but it performed an effective DoS attack on my machine all by itself without any intervention by 'bad actors'. A quick look at Git showed that 28 commits had changed at least 87 files, possibly far more. It would appear that the update was made available just a few hours after this bunch of commits was applied. Over the course of the last couple of years, issues with GRUB have become common for me. Fortunately the 'Boot Repair' tool can sort them out by reinstalling a working copy of GRUB.

So I'm led to wonder two things - why does such a critical component not provide a rock-solid recovery mechanism in its own right (or better, a rock-solid installation system), rather than having to rely on a third-party tool which seems to do a better job of analysing the target system, and why, given its propensity for failure, are massive batches of changes being shipped mere hours after being pulled into mainline? Possibly the distro has more to answer for than GRUB for the latter point, but the lasting impression is that there's more wrong with GRUB than simply some buffer overflows.
