.postX versions in Python projects are incorrectly treated as a lower version

[ghost]

Package ecosystem: poetry / pip
Package manager version: poetry 1.2.0a1, pip 21.1.2
Language version: 3.9.5
Manifest location and content prior to update:

• https://github.com/nyuszika7h/Blood-on-the-Clocktower-Storyteller-Discord-Bot/blob/ddd9c520a838a3f7b3323a65098ec9179145d0ea/requirements.txt
• https://github.com/nyuszika7h/Blood-on-the-Clocktower-Storyteller-Discord-Bot/blob/ddd9c520a838a3f7b3323a65098ec9179145d0ea/requirements-dev.txt

What you expected to see, versus what you actually saw
It should consider aiohttp==3.7.4.post0 as up to date, but it wants me to update the dependency to an older version (3.7.4).
Native package manager behavior
poetry and pip both correctly consider 3.7.4.post0 to be newer than 3.7.4, per https://www.python.org/dev/peps/pep-0440/#post-releases
Images of the diff or a link to the PR, issue or logs

• https://github.com/nyuszika7h/Blood-on-the-Clocktower-Storyteller-Discord-Bot/security/dependabot/requirements.txt/aiohttp/closed
• https://github.com/nyuszika7h/Blood-on-the-Clocktower-Storyteller-Discord-Bot/security/dependabot/requirements-dev.txt/aiohttp/closed

If I actually try creating a security update, however, it says it is "no longer vulnerable":

🕹 Bonus points: Smallest manifest that reproduces the issue
requirements.txt:

aiohttp==3.7.4.post0

[jeffwidman]

Possibly caused by:

• Improve handling of Python versioning strings #6300