Nick> Upgrading your Python interpreter (even to a new maintenance Nick> branch release) in a production environment is usually a fairly Nick> involved exercise requiring a significant amount of testing, and Nick> the fact of the matter is, you're unlikely to do so unless there Nick> is some feature or bug-fix in a new version that you really Nick> need. (I'm still using Python 2.2.2 at work - it's entirely Nick> adequate for our needs, so there's no real pressure to upgrade on Nick> the current project. For a new project, I'd probably start with Nick> 2.4, planning to go to 2.4.1 in a couple of months time, but there Nick> aren't really any post-2.2 additions to Python that I can't handle Nick> living without).
Still, if a security bug was serious enough, my guess is that someone would step up to supply patches (or Windows installers) for any of a number of versions that were affected by the bug, even 2.1 or 1.5.2. That someone might or might not be part of the core development team. That nothing like that has been done before doesn't preclude it being done in the future. Skip -- http://mail.python.org/mailman/listinfo/python-list