It should have, but keep in mind it wasn’t just a bug in the protocol itself (which certainly wasn’t developed in a vacuum), but a big reason for the severity of the issue is another (related) bug in a widely used and open source implementation of this standard.
What it really comes down to is “shit happens”. Being open source vs closed source or free to play vs fee to pay doesn’t make you immune from mistakes. I mean, a single missing curly brace in an open source component used by Mac OS/iOS completely broke SSL/TLS.
