
OpenSSL code audits have been great, hence why it is such a good example of FOSS secure software.


But why, yes. OpenSSL has seen vast improvements, not just in code, but also in processes, and multiple audits due to Heartbleed.


After how many years of deployment into production?


If you're asking me personally, OpenSSL always had a funny smell even at the time, and so did TLS, simply because it seemed all way too complicated. TLS v1.3 agrees. As far as TLS implementations go I think pretty much all of them have had major, critical flaws. Microsoft's SChannel has had an RCE since it was born, patched the same year as Heartbleed, Apple's Secure Transport had goto fail (also in 2014 if I recall) etc.


But that didn't answer his question.



