+--------------------------------------------------------------------------------+
| MyBB 1.4.10 - Security Update Patch File |
| (c) 2009 MyBB Group. |
| |
| This patch file fixes one low risk issue and a performance issue in MyBB 1.4.10|
| |
| Please follow the instructions documented to manually patch your board. |
+--------------------------------------------------------------------------------+
===============
1. usercp.php
===============
Find:
--
elseif($mybb->input['gallery']) // Gallery avatar
{
--
Add after:
--
$mybb->input['avatardir'] = str_replace(array("./", ".."), "", $mybb->input['avatardir']);
$mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);
--
===============
2. admin/modules/user/users.php
===============
Find:
--
if(file_exists("../".$mybb->settings['avatardir']."/".$mybb->input['avatar']))
--
Add Before:
--
$mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);
--
===============
3. inc/functions_time.php
===============
Find:
--
if ($year >= 1970) {
--
Replace with:
--
if($year >= 9999) { return time(); } else if ($year >= 1970) {
--
===============
4. inc/class_core.php (Version number change)
===============
Find:
--
/**
* The friendly version number of MyBB we're running.
*
* @var string
*/
var $version = "1.4.10";
/**
* The version code of MyBB we're running.
*
* @var integer
*/
var $version_code = 1410;
--
Replace with:
--
/**
* The friendly version number of MyBB we're running.
*
* @var string
*/
var $version = "1.4.11";
/**
* The version code of MyBB we're running.
*
* @var integer
*/
var $version_code = 1411;
--
ALL DONE
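Review bot: In the usercp.php addition, both inputs are cleaned by deleting `./` and `..` rather than being checked against what a gallery avatar path is allowed to look like, and the same expression is repeated in admin/modules/user/users.php (section 2). str_replace applies the array entries in sequence, so the result depends on `..` being removed last; that ordering deserves a comment such as `// order matters: strip ".." last so no ".." can remain in the value`. Stripping also alters the request silently instead of rejecting it and does not constrain the value in any other way; a stricter guard would refuse the request unless the resolved path stays under the avatar directory, for example by comparing `realpath()` of the candidate with `realpath()` of that directory. The enclosing branch continues outside the snippet, so how the values are used afterwards in usercp.php is not visible here.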
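Review bot: The new guard `if($year >= 9999) { return time(); }` in inc/functions_time.php substitutes the current time for any out-of-range year without telling the caller, and neither the limit nor the fallback is explained. If this is the performance fix the patch header mentions, a comment would make that clear, e.g. `// Very large years make the calculation below too slow; fall back to the current time`. Callers that store or compare the result would get a plausible but wrong timestamp, so it is worth confirming that none of them rely on the value for such input. The function body starts and ends outside the snippet.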