I checked the article, and that bug was similar in the relevant sense. It was a security bug related to hashed messaged authentication codes, a class of security exploits related to very non-trivial issues in cryptography. It was not comparable to "let's allow an information-file parser to execute arbitrary attacker code".
I understand the appeal of "magic" to solve issues when you are under a deadline. It is just that trusting it is dangerous.