The key reason OpenSSL is so popular in US is because the project is on top of FIPS certifications. LibreSSL might cure cancer, but very few system integrators will use it unless it has certified module.
I would rather it NOT be FIPS certified. I trust my government as much as I trust an 800 lb gorilla.
I call BS. We are talking FOSS here so there can be absolutely no security issue because it was produced by a large community of do-gooders who vetted all commits for us and this means that every bug gets caught within seconds of being committed.
It is a fact (not theory or guess) that only commercial, closed software has security flaws.
Well, it is a security flaw/hole until it's been plugged.
The moon is made of green cheese. -- John Heywood