
Dumb question: why would someone use an alternative library for something as important as encryption?



In addition to the bug issue, OpenSSL has been around a long time and has accumulated a great deal of extra bits and bobs due to it being the Swiss-Army Knife of encryption on a lot of systems. If you’re writing a webserver, you’re unlikely to need support for, say, S/MIME for email encryption, but it’s in there. Smaller libraries like Bear or Boring that were designed specifically to do TLS and little else don’t have the extra pieces, which reduces attack surface, simplifies the code, and makes it easier to remove old encryption ciphers and add new ones.


Assuming it has good functionality: it will have different bugs from the “other package”. So if someone finds a vulnerability in the other pkg your system won’t be vulnerable.

And/or you want specific functionality, like the lack of dynamic allocation.

Monoculture is a dangerous trap.



There isn't an automatic, global, eternal best choice just because a topic is important.




