Tracking fixes of security vulnerabilities: we are good!

Hi,

Since the beginning of the year, I have been working on a tool to track if all security vulnerabilities are fixed in all Python maintained versions (versions still accepting security fixes):
http://python-security.readthedocs.io/vulnerabilities.html

Currently, five branches are maintained: 2.7, 3.4, 3.5, 3.6 and master.
https://devguide.python.org/#status-of-python-branches

Thanks to Ned Deily and Georg Brandl, Python 3.3 reached its end-of-life (EOL) last month, after 5 years of good service (as expected). It reduced the number of maintained branches from six to five :-) Python 3.3.7, released last month, contains the last security fixes.

The good news is that we got releases in the last months with fixes for almost all security vulnerabilities. Only Python 3.4 and Python 3.5 have two known vulnerabilities, but I consider that their severity is not high, hopefully.

"Expat 2.2.3" is not fixed yet in Python 3.4 and 3.5, but I'm not sure that Python is really affected by the fixed Expat vulnerabilities, since Python uses its own code to generate a secret key for the Expat "hash secret". Our embedded expat copy is used on Windows and macOS, but not on Linux.

"update zlib to 1.2.11" was fixed in the Python 3.4 branch, but no release has been made yet. This issue only impacts Windows. Linux and macOS use the system zlib.

Victor
participants (1): Victor Stinner