On Thu, May 4, 2017 at 2:43 AM, Thomas Nyberg <tomuxi...@gmx.com> wrote: > Interesting...learn something new every day! I knew that they would > backport security updates, but I never realized they would actually use > a newer (micro) version of the interpreter while retaining the original > number on the package. (Of course using a newer micro version really > just means officially backporting all those patches...which might mean > basically the same thing as just using the newer micro release and > adding their own changes.) > > Anyway thanks for pointing this out! This is exactly the kind of > misconception that could fester for a long time without my every > realizing it.
They won't update the entire package to 3.4.3 without changing the version number, but what usually happens is that there are just a handful of critical security patches on top of 3.4.2. So they keep calling it 3.4.2, but it's as safe as 3.4.3. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
