logtail.c in app-admin/logsentry-1.1.1 doesn't attempt to read the additional lines since it's last execution in any log files that have been rotated. This could result in missed data related to notable events. Recommendation: add intelligence to logtail.c to look for a rotated file (logfilename.0 or logfilename.1.gz, etc) if the file is smaller or has a different inode since last execution, and include it's contents (since last execution) in the output.
http://bugs.debian.org/cgi-bin/pkgreport.cgi?which=pkg&data=logcheck&archive=no&version=&dist=unstable See related bug for Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336265
I fail to see the real security impact here. Reassigning to bugwranglers since it has no maintainer.
Looks like an upstream issue, I'm afraid, and upstream is rather dead ;) We'll shortly have a new developer onboard maintaining log monitoring / security packages - perhaps it might be feasible to use the stuff Debian has (1.2.50) ?? Resolving as 'not our problem', aka: upstream :)