Ubuntu 17.04 doesn't have Python 3.6, PHP 7.1, or Mesa 17.

Sometimes I wonder what's wrong with some people.
Ubuntu is NOT MEANT TO BE A BLEEDING EDGE distribution. As such, there's literally no point in complaining it doesn't ship the latest version of component X. By design, it usually doesn't. What Michael reports here is rather the exception.
You can get a lot of updates through PPAs (kernel, X server, drivers and whatnot), but out of the box, for better or worse, Ubuntu is about stability.

You need Python 3.6, PHP 7.1, or Mesa 17, there's a broad selection of distros that will cater, including Fedora, Arch or Gentoo.

+1

And unless you really need something present/fixed in Python 3.6 but not in 3.5.3 - what's the big point in wanting it? Slightly older version would have more 3rd party modules available to it and may actually be easier to use.

Not to mention: https://launchpad.net/~jonathonf/+ar...ntu/python-3.6
It's an OS, you can (surprisingly) install anything you want on top.

I wonder how long before malware distributors figure it out and start creating their own 3rd party software repositories. "Newest software here" - hook, line and sinker. Does not have to be malware opening windows and putting up ads on the screen, just quiet data theft trojan accompanied with the legitimate software people want and nobody the wiser.

Maybe it's already been done, it's certainly easier than trying to compromise distributors official website and modify existing installation mediums.Like this https://blogs.forcepoint.com/securit...and-data-theft

FreeBSD also had some years back incident where one of the devs had his SSH keys stolen and as a result whole binary packages repository was deleted for one particular release(9.x something I think), just to remain on the safe side.

3rd party repos are pretty fucking serious security problem in itself. Until nothing has happened, people are way too trusting about'em.

I think this does happen because such a PPA would first need to gain some fame before people start adding in in significant numbers. But yes, it is a potential attack vector.

man, it's developement version yet, it will have x 1.19.x mesa 17.x and probaly the rest, if you need this components now, use ubuntu 16.10 and add some ppa. I'm using ubuntu 16.10 with kernel 4.9, mesa 17 rc2 and php 7.1 etc etc

Python 3.6 is backwards compatible with 3.5.3, since they're both 3.x so I think all 3rd party modules are available.
As a developer, I look forward to Python 3.6 so I can clean up my code using f-strings.