If configuration files are changed the old version will usually be copied to a backup file (*.dpkg-old). Nevertheless it is a good idea to make a system backup yourself before upgrading.
Description how to upgrade
Network
- Device names stay the same (eth0, …). Debian 9 only uses a new naming scheme for new installations.
Bacula 7.4.4
- So far I had no problems to connect bacula-fd v7.4.4 to a bacula server v7.0.5
FreeRadius 3.0.12
- Major upgrade from version 2. The configuration will not be automatically merged. You have to do this manually.
- Basic configuration stays pretty much the same. Some configuration variables have been renamed or moved to a different position.
- New configuration directories:
/etc/freeradius/3.0
/etc/freeradius/3.0/mods-available
/etc/freeradius/3.0/mods-enabled
/etc/freeradius/3.0/sites-available
/etc/freeradius/3.0/sites-enabled - https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/README.rst
ejabberd 16.09
- Basic configuration stays pretty much the same.
- Major upgrade from version 14.07
- https://blog.process-one.net/ejabberd-community-14-12/
https://blog.process-one.net/ejabberd-community-15-02/
https://blog.process-one.net/ejabberd-15-03/
https://blog.process-one.net/ejabberd-15-04/
https://blog.process-one.net/ejabberd-15-06/
https://blog.process-one.net/ejabberd-15-07-released-summer-progress/
https://blog.process-one.net/ejabberd-15-09-oauth/
https://blog.process-one.net/ejabberd-15-10-http-upload-metrics-and-performance/
https://blog.process-one.net/ejabberd-15-11-simpler-cluster-setup/
https://blog.process-one.net/ejabberd-16-01/
https://blog.process-one.net/ejabberd-16-02-happy-leap-day/
https://blog.process-one.net/ejabberd-16-03-experimental-mix-support-ldap-sql-and-riak-improvements/
https://blog.process-one.net/ejabberd-16-04/
https://blog.process-one.net/ejabberd-16-06/
https://blog.process-one.net/ejabberd-16-08/
https://blog.process-one.net/ejabberd-16-09/
Postfix 3.1.4
- Had no problems with a basic configuration and a couple of virtual mailbox domains.
- http://www.postfix.org/announcements.html
amavisd-new 2.10.1-4
- Almost no changes from previous version 2.10.1-2
- https://launchpad.net/debian/+source/amavisd-new/+changelog
spamassassin 3.4.1
- No need to change anything if you have a default installation
- https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.1.txt
courier-*
- New user/group “courier”. File permissions need to be adjusted:
/etc/courier
/var/lib/courier - Some configuration changes (pid file, certificates location, etc.)
ntp 4.2.8p10
- No longer subject to DRDoS Amplification Attack
- Option “limited” added (to default restriction in configuration file)
- Source restriction added (to configuration file)
OpenSSH 7.4
- Major upgrade from version 6.7
- No longer subject to ssh client roaming problem (s. Qualys Security Advisory)
- New “AddKeysToAgent” client parameter (a private key that is used during authentication will be added to ssh-agent)
- Default for “PermitRootLogin” changed from “yes” to “prohibit-password”.
- Default for “UsePrivilegeSeparation” changed from “yes” to “sandbox”
- Default for “UseDNS” changed from “yes” to “no”
- New option to require 2 different public keys for authentication; may be used for two-man rule / four-eyes principle (s. “AuthenticationMethods=publickey,publickey”)
- https://www.openssh.com/txt/
Roland's Linux Blog 