funny part is assert(0) was actually an exploit that was able to harm core 0.12 too
No it wasn't.
Assert is only used in Core when an unexpected state is reached, as a way to prevent subtle bugs from being exploitable. Maybe instead of using assert they could write a function like crash_node(msg), but if your code has reached an unexpected state it's better to crash right away.
The problem with the first BU critical bug is that they were trusting user input. Never trust user input.
The problem with the second BU critical bug is they were crashing when there was a block fetch failure but they forgot to check the cause of the failure.
By the way, you used the word "was". This is not the same critical bug as last week, that was patched. This is a new critical bug found today.
Let's leave politics out of this. The BU codebase is a complete mess, I don't know how they managed to fuck it up so bad. Actually I do know how, they simply don't know how the code works. They've moved around code and created their own new functions because they can't figure out how the original ones work. They're incompetent. Get a new dev team, have proper QA and unit testing procedures in place. Even if I agreed with their ideas, I would never install BU on my machine, it's too much of a risk.
Edit: Now they want people to run a closed source binary to fix this issue, and trust them that this binary doesn't have anything malicious in it. I want to kill myself.
Double edit: apparently the closed source binary has already been reverse engineered and the changes are now publicly known, demonstrating the pointlessness and stupidity of releasing it closed source.
https://0bin.net/paste/3OazwrnDdmMz8X33#w5XLswFoBu7KstF8YKlAYulTrsUPmNwnj3HU2UV1xFZ
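The distinction drawn in the comment above (assert only on unexpected internal state, never on input a peer controls, and check why a fetch failed before crashing), as an added example that is not part of the thread and is not Core or BU code. Every name in it is hypothetical and the data is constructed.

```cpp
#include <cassert>
#include <cstdint>
#include <string>
#include <vector>

// Hypothetical model of a node answering a peer's request for a transaction.
enum class Action { Serve, DisconnectPeer, ShutDownNode };

struct Store {
    std::vector<std::string> txs;  // transactions of a block held locally
    bool disk_ok;                  // false models local storage corruption
};

// Fragile pattern: the remote peer chooses idx, so the asserted condition is
// not an invariant and a bad request terminates the whole process.
std::string fetch_fragile(const Store& s, uint32_t idx) {
    assert(idx < s.txs.size());
    return s.txs[idx];
}

// Hardened pattern: validate peer input first, then react to the cause.
Action handle_request(const Store& s, uint32_t idx, std::string& out) {
    if (idx >= s.txs.size())       // bad input is the peer's fault: drop the peer
        return Action::DisconnectPeer;
    if (!s.disk_ok)                // local fault: continuing would be unsafe
        return Action::ShutDownNode;
    out = s.txs[idx];
    assert(!out.empty());          // internal invariant: stored txs are never empty
    return Action::Serve;
}

int main() {
    Store s{{"tx0", "tx1"}, true}; // constructed sample data
    std::string out;
    return handle_request(s, 1, out) == Action::Serve ? 0 : 1;
}
```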