D
What makes you think your alternative, which ever it is, does not have have vulnerabilities?Personally I never liked GRUB and I am not affected using alternative solution but just leaving distros on their own with this pile of .... is not nice.
What makes you think your alternative, which ever it is, does not have have vulnerabilities?
From my experience and from what I heard from other coders, software which is more mature and feature rich has the benefit of being more stable due to longer development and more time put into making it complete.Because GRUB is trying to be Jack of all trades, grew so big and complicated.
I wouldn't trust software that hasn't had an update in over a year and elilo hasn't had one in longer, also it seems elilo has the status abandoned?because it is simpler: elilo.
In Debian it was fixed in TrixieTodays updates for Linux Mint 22.1 (April 1, 2025) include several updates for CVE type problems.....likely addressing the problems laid out in the link that thop of this thread
Actually not, the backport does not fix those CVE'sSee edit to my post ^^^^^...above
apt policy grub2-common
to see installed and available versionIf the boot image got hacked,
Where you and your coders have been when systemd was introduced?From my experience and from what I heard from other coders, software which is more mature and feature rich has the benefit of being more stable due to longer development and more time put into making it complete.
On another side software that just appeared yesterday may have more issues than the older software.
Excluding regression and lack of maintenance which is another issue.
Using this logic I'm in favor of GRUB over newly born or underdeveloped software.
absolutelyThere have been exploits for this though they mean someone has to have physical access to the device - and there have been exploits to almost every bit of software on your system at one point or another.