OpenSource Software was always praised as more secure than typical „closed source“ programs. The reason being that „everybody“ can look into the code and check it for bugs of any kind but especially for security bugs. This bug in OpenSource Software took two years to be discovered.
Nach Heartbleed: OpenSSL-Projekt bittet um Unterstützung | heise Security.