0

Using Ubuntu 14.04 is there a way to upgrade exim4 without losing configuration? Preferably through apt.

Upon running apt-get --simulate upgrade it shows the package will be upgraded to 4.82-3ubuntu2.4, however the latest version appears to be 4.93 according to [exim.org].

Would the easiest solution be to compile this from source, copying any config files currently in place and just hope that they work with the new version?

c4154882
  • 5
  • 2
  • Ubuntu 14.04 reached its end-of-life last year (except for Canonical's Extended Security Maintenance customers). You should consider upgrading the whole system to Ubuntu 16.04. Can you clarify why do you need to upgrade to a cutting-edge version of **Exim**? – Piotr P. Karwasz Mar 31 '20 at 20:04
  • I completely agree, however due to circumstances (this being a production server) this will have to be scheduled in. We're looking to upgrade Exim first due to a number of CVSS 10 vulnerabilities affecting the installed version which can lead to full compromise of the server. – c4154882 Apr 01 '20 at 10:31

1 Answers1

0

The configuration of exim4 is quite backwards compatible, although the maintainers of the exim4-config improve the rules from time to time (unfortunately the changelog is common for all exim4 packages).

I think your best choice is to upgrade to the xenial-updates package: the minimal versions of its dependencies are quite old, even from an Ubuntu 14.04 perspective, and it covers all recent vulnerabilities. You might get away with just upgrading the exim4-* packages.

You just need to:

  1. Add the xenial-updates repositories to your /etc/apt/sources.list:

    deb http://security.ubuntu.com/ubuntu xenial-updates main

  2. Set the default release to trusty in /etc/apt/apt.conf:

    APT::Default-Release "trusty";

  3. Pin the exim4* packages in /etc/apt/preferences:

    Package: exim4*
Pin: release n="xenial"
Priority: 900

  4. Normally upgrade the exim4 package:

    apt update
apt install exim4

A normal upgrade process will not overwrite your configuration files, but it is better to make a backup. Afterwards you might want to merge the *.dpkg-dist files into your configuration.

Piotr P. Karwasz
  • 5,748
  • 2
  • 11
  • 21