Subject: [PATCH] DateTime::TimeZone::Local does not work correctly in taint mode (perl -T)
Date: Fri, 31 Jan 2014 17:04:17 -0500
To: bug-DateTime-TimeZone [...] rt.cpan.org
From: Stephen Oberholtzer <stevie [...] qrpff.net>
In case anyone else is having this issue, the original symptom was:
<<
I upgraded my machine and Bugzilla started saying "Cannot determine local
time zone".
>>
I don't know when or where the breaking change was made, but I finally
tracked down the problem: When running in taint mode (which Bugzilla does),
reading from /etc/timezone results in a tainted time zone name. When this
makes its way to the DateTime::TimeZone constructor, the string in
$real_class is tainted, and the line:
eval "require $real_class"
fails.
I have attached a patch that does the following:
* When the DateTime::TimeZone constructor checks the validity of
$real_class, it untaints $real_class at the same time.
* Creates a new test (22taintmode.t) that verifies that
DateTime::TimeZone::Local->TimeZone works correctly in taint mode.
System information:
Debian Jessie (testing)
Linux bugzilla 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2 x86_64 GNU/Linux
Perl version 5.18.2-2
This is perl 5, version 18, subversion 2 (v5.18.2) built for
x86_64-linux-gnu-thread-multi
(with 40 registered patches, see perl -V for more detail)
--
-- Stevie-O
Real programmers use COPY CON PROGRAM.EXE
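Added illustration of the failure and the fix described above (example code, not the attached patch; the helper names, the package-name regex and the use of the core module Data::Dumper as a stand-in for a DateTime::TimeZone::* class are assumptions):

```perl
#!/usr/bin/perl -T
# Added example (not the ticket's patch): validate and untaint a class name
# before `eval "require $class"`, which dies under -T when the name is tainted.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Return an untainted copy of $name if it is a well-formed Perl package name
# (identifiers joined by '::'), otherwise undef.  Only the captured part of a
# successful match is untainted, so the result comes from $1, not from $name.
sub untaint_class_name {
    my ($name) = @_;
    return unless defined $name;
    return $1 if $name =~ /\A([A-Za-z_]\w*(?:::[A-Za-z_]\w*)*)\z/;
    return;
}

# Load a class the way the DateTime::TimeZone constructor does; returns the
# error message on failure and undef on success.
sub try_require {
    my ($class) = @_;
    eval "require $class";
    return $@ ? $@ : undef;
}

# Constructed tainted input: appending the (tainted) empty prefix of $ENV{PATH}
# taints the whole string, standing in for a name read from /etc/timezone.
# Data::Dumper (core) stands in for DateTime::TimeZone::America::New_York so
# this runs without DateTime installed.
my $tainted_class = 'Data::Dumper' . substr($ENV{PATH} // '', 0, 0);
printf "tainted: %s\n", tainted($tainted_class) ? 'yes' : 'no';

# 1. The failure from the report: eval/require of a tainted string dies.
my $err = try_require($tainted_class);
print "before untainting: ", ($err // "loaded OK\n");

# 2. The fix: validate and untaint in one step, then require succeeds.
my $safe = untaint_class_name($tainted_class);
die "Cannot determine local time zone\n" unless defined $safe;
printf "still tainted: %s\n", tainted($safe) ? 'yes' : 'no';
$err = try_require($safe);
print "after untainting: ", ($err // "loaded OK\n");

# 3. The raw /etc/timezone form (with a slash) is rejected, not untainted
#    blindly; the caller must convert it to '::' form first.
my $raw = untaint_class_name('America/New_York');
print "slash form accepted: ", (defined $raw ? 'yes' : 'no'), "\n";
```

Run it with perl -T; without the switch nothing is tainted and the first require succeeds as well.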