Generally speaking, you receive better quality with commercial open source software because of the larger number of reviews the code needs to go through on its way to a production product, and the larger number of people reviewing the code. In most cases, you will see that commercial open source products don't have as many patches or patch cycles as proprietary products. It's important to understand that public scrutiny tends to improve the overall quality of software, just like public scrutiny improves the security of software.
Public scrutiny improves many things. For example, if a movie star is going to have a beach scene in his next film, where he takes off his shirt, he is going to work out for six months before that scene, right? Because he is going to get publicly scrutinized. That is why movie stars always look in such good shape in the movies.
If you are a proprietary software developer, and your boss walks into your office and says "Fix this before you go home," you will just do whatever you need to get something working so you can head home. It's not as important to you how many memory allocation errors or security flaws you have, because your changes will be included in the next build, and odds are that as long as it meets the functionality requirements (and does not crash), no one else will even look at your code.
But if you are an open source developer under the same pressure, once you complete that code, you have to submit it to the community for inspection. That community has an average age of 30 and an average coding experience of 11 years; these are not amateurs. In fact, if you look at places like Slashdot where some of the design discussions take place, they can be ruthless. If they don't like how your code is written, they will criticize it like crazy (along with your intelligence and the intelligence of your family), much more aggressively than any product manager would with a proprietary vendor.
As a matter of fact, it takes Sun an average of three to four years to take a proprietary product and move its code over into an open source community. A huge amount of that time is spent "cleaning up" the code, so that developers will not be embarrassed in public (among their peers) when the code is released. There are many cases where I have asked product teams to release some products for Government review, before we open the product up, and they often "beg" for more time to clean it up before anyone else gets a chance to look at it. That community peer exposure tends to greatly improve the quality of the code both before it's released, and then after as the community engages in the review process.
After you get through the community review, you then have to go through an architecture review to get included in the product. Next, if the vendor is going to provide support for the product, you have to go through an IP infringement review. Now you will have to show that you can indemnify every line of code that you have and prove that you wrote every line of code that is included in your contribution. If you can't, they won't include it, because they can't indemnify it and guarantee the IP. If you think it's bad to have Techies review it, with open source you also have to have the lawyers review the IP issues with the code, and you know how lawyers can be (I can say that since I am married to a Techie lawyer).
After you are done with those types of inspections, you then have to go through the same kind of inspections that any proprietary vendor would do: backward compatibility, security review, QA tests and so on. So open source does receive a lot more inspection and generally leaves with better code. It's not a silver bullet... but it's pretty close.
As you can see from this slide, all major open source products have a community version and a supported enterprise/commercial version. The peer/community review is done in the open source community environment, and once those reviews are done, the code is "harvested or packaged" from the community version to create the enterprise version. Both are open source, but the enterprise version is usually a subset of the community version that has gone through the same reviews and QA as any proprietary product. On average, commercial open source products go through about 3x more formal reviews than proprietary products do, and have about 100x more people validating the code and the product.












