As one of the maintainers of pyca/cryptography, I'm strongly in favor of upgrading. Older releases do not receive support (including security fixes) from the maintainers. And in the past few releases we've added many new features, support for more strong cryptographic algorithms, and significantly improved performance.
