Firstly, how can you be sure HN hasn't introduced the same, or a similar bug? Writing your own implementations does not make them secure.
Secondly, I don't understand why you are suggesting that people should always write their own implementations. Should I write my own servlet container rather than using Tomcat?
No, it's ironic in a way. Usually rewriting a standard piece of code is not so useful. In this case, if you wrote an XML parser, you'd probably skip over this part and end up secure.
Firstly, how can you be sure HN hasn't introduced the same, or a similar bug? Writing your own implementations does not make them secure.
Secondly, I don't understand why you are suggesting that people should always write their own implementations. Should I write my own servlet container rather than using Tomcat?