[clopic]

What a silly comment.

Firstly, how can you be sure HN hasn't introduced the same, or a similar bug? Writing your own implementations does not make them secure.

Secondly, I don't understand why you are suggesting that people should always write their own implementations. Should I write my own servlet container rather than using Tomcat?

[MichaelGG]

No, it's ironic in a way. Usually rewriting a standard piece of code is not so useful. In this case, if you wrote an XML parser, you'd probably skip over this part and end up secure.