But it's been proven that 0-days are patched much more quickly on open source packages than waiting for Patch Tuesday or whatever Microsoft calls it now. Most importantly, the closed source vendor may never release a patch to a dangerous flaw...a flaw that you may never have been made aware of!
Thank God that open-source means that all code will be reviewed and will never have vulnerabilities. https://en.wikipedia.org/wiki/OpenSSL#Notable_vulnerabilities
But hey, let's see proof of the OSS movement patching 0-days quicker, please.