Bug#788908: rkhunter: Wrong logcheck rule for slow scans

Rafael Laboissiere rafael at laboissiere.net
Tue Jun 16 05:55:21 UTC 2015


Package: rkhunter
Version: 1.4.2-1
Severity: normal

The logcheck rule for slow scans in debian/logcheck.ignore.server is 
wrong, since it ignores the inclusion of minutes.  The Git commit 
aa1530e [1] is an attempt to fix the problem, but it does not get it 
right, because it is lacking the "and" word.  The correct rule should be:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ Rootkit Hunter: Scanning took ([0-9]+ minutes? and )?[0-9]+ seconds$

Best,

Rafael

1. https://anonscm.debian.org/cgit/forensics/rkhunter.git/commit/?id=aa1530e

-- System Information:

  Debian Release: 8.0
    APT prefers unstable
    APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
  Architecture: i386 (i686)

  Kernel: Linux 3.18.0-trunk-686-pae (SMP w/2 CPU cores)
  Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
  Shell: /bin/sh linked to /bin/dash
  Init: systemd (via /run/systemd/system)

  Versions of packages rkhunter depends on:
  ii  binutils               2.25-7
  ii  debconf [debconf-2.0]  1.5.56
  ii  file                   1:5.22+15-2
  ii  lsof                   4.86+dfsg-1
  ii  net-tools              1.60-26+b1
  ii  perl                   5.20.2-3
  ii  ucf                    3.0030

  Versions of packages rkhunter recommends:
  ii  bsd-mailx [mailx]                          8.1.2-0.20141216cvs-2
  ii  curl                                       7.42.1-2
  ii  exim4-daemon-light [mail-transport-agent]  4.85-3
  ii  iproute2                                   3.16.0-2
  ii  unhide                                     20121229-1+b1
  ii  unhide.rb                                  22-1
  ii  wget                                       1.16.3-2

  Versions of packages rkhunter suggests:
  ii  liburi-perl     1.64-1
  ii  libwww-perl     6.08-1
  ii  powermgmt-base  1.31+nmu1

  -- debconf information:
    rkhunter/cron_db_update:
    rkhunter/apt_autogen: false
    rkhunter/cron_daily_run:
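
The proposed rule checked against constructed syslog lines, as an added example that is not part of the original report. The host names, timestamps, the warning line and the second pattern (the same rule with "and " removed, to show the omission the report describes) are assumptions and are not taken from commit aa1530e.

```shell
#!/bin/sh
# Rule proposed in the report. logcheck applies its rules as extended
# regular expressions, so grep -E is used here to evaluate them.
RULE='^\w{3} [ :0-9]{11} [._[:alnum:]-]+ Rootkit Hunter: Scanning took ([0-9]+ minutes? and )?[0-9]+ seconds$'

# Constructed variant with "and " removed from the optional group.
# It illustrates the described omission; it is not copied from the commit.
RULE_NO_AND='^\w{3} [ :0-9]{11} [._[:alnum:]-]+ Rootkit Hunter: Scanning took ([0-9]+ minutes? )?[0-9]+ seconds$'

# Constructed syslog lines: seconds only, singular minute, plural minutes
# with a single-digit day and dotted host name, and one unrelated message.
sample_lines() {
cat <<'EOF'
Jun 16 06:25:42 host1 Rootkit Hunter: Scanning took 48 seconds
Jun 16 06:27:03 host1 Rootkit Hunter: Scanning took 1 minute and 9 seconds
Jun  6 06:31:55 mail.example.org Rootkit Hunter: Scanning took 12 minutes and 30 seconds
Jun 16 06:32:10 host1 Rootkit Hunter: constructed warning line that must stay visible
EOF
}

# Print the lines logcheck would still report, i.e. those the rule
# passed as $1 does not ignore.
reported() {
    sample_lines | grep -Ev -- "$1"
}

# Number of lines still reported for the rule passed as $1.
reported_count() {
    reported "$1" | wc -l | tr -d ' '
}

echo "Proposed rule still reports:"
reported "$RULE"
echo "Variant without 'and' still reports:"
reported "$RULE_NO_AND"
```

With the proposed rule only the unrelated warning line is left for the logcheck report; the variant also lets both slow-scan lines through.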


