diff --git a/.gitignore b/.gitignore
index 03ba6d7..353210a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/galera-26.4.7.tar.gz
-/galera-26.4.7.tar.gz
+/galera-*.tar.gz
+/galera-*/
diff --git a/galera.spec b/galera.spec
index bad1079..8fa7dc3 100644
--- a/galera.spec
+++ b/galera.spec
@@ -1,5 +1,5 @@
 Name:           galera
-Version:        26.4.7
+Version:        26.4.11
 Release:        1%{?dist}
 Summary:        Synchronous multi-master wsrep provider (replication engine)
 
@@ -15,19 +15,21 @@ Source0:        http://releases.galeracluster.com/source/%{name}-%{version}.tar.
 Source1:        garbd.service
 Source2:        garbd-wrapper
 
-Patch0:         galera-python3.patch
+Patch0:         cmake_paths.patch
 
-BuildRequires:  boost-devel check-devel openssl-devel python3-scons systemd gcc-c++ asio-devel
+BuildRequires:  boost-devel check-devel openssl-devel cmake systemd gcc-c++ asio-devel
+Requires(pre):  /usr/sbin/useradd
 Requires:       nmap-ncat
+Requires:       procps-ng
 
 %{?systemd_requires}
 
 
 %description
-Galera is a fast synchronous multi-master wsrep provider (replication engine)
+Galera is a fast synchronous multimaster wsrep provider (replication engine)
 for transactional databases and similar applications. For more information
-about wsrep API see http://launchpad.net/wsrep. For a description of Galera
-replication engine see http://www.codership.com.
+about wsrep API see https://github.com/codership/wsrep-API repository. For a
+description of Galera replication engine see https://www.galeracluster.com web.
 
 
 %prep
@@ -37,36 +39,83 @@ replication engine see http://www.codership.com.
 %build
 %{set_build_flags}
 
-# Print help:
-#   scons-3 --help
-#   scons-3 -H
+%cmake . \
+       -DCMAKE_BUILD_TYPE="%{?with_debug:Debug}%{!?with_debug:RelWithDebInfo}" \
+       -DINSTALL_LAYOUT=RPM \
+       -DCMAKE_RULE_MESSAGES:BOOL=OFF \
+       \
+       -DBUILD_SHARED_LIBS:BOOL=OFF \
+       \
+       -DINSTALL_DOCDIR="share/doc/%{name}/" \
+       -DINSTALL_GARBD="sbin" \
+       -DINSTALL_GARBD-SYSTEMD="share/doc/galera" \
+       -DINSTALL_CONFIGURATION="/etc/sysconfig/" \
+       -DINSTALL_SYSTEMD_SERVICE="share/doc/galera" \
+       -DINSTALL_LIBDIR="%{_lib}/galera" \
+       -DINSTALL_MANPAGE="share/man/man8"
 
-# Possibly usefull arguments:
-#   --debug=findlibs
-#   --debug=stacktrace
-#   --warn=all
-#   debug=0
+cmake -B %_vpath_builddir -LAH
+
+%cmake_build
 
-# Update for 26.4.6: The strict_build_flags FTBFS on armv7hl and i686; fails to find check.h on RHEL
-# Update for 26.4.7: The strict_build_flags FTBFS ppc64le, failing tests
-%ifarch i686 ppc64le
-scons-3 %{?_smp_mflags} strict_build_flags=0
-%else
-scons-3 %{?_smp_mflags} strict_build_flags=1
-%endif
 
 %install
+%cmake_install
+
+# PATCH 1:
+#   Change the Systemd service name from "garb" to "garbd"
+#
+#   The Galera upstream uses name "garb" for the service while providing "garbd" alias
+#   Fedora downstream packaging historically used "garbd" name for the service.
+#
+#   Let's stick with the Fedora legacy naming, AND provide an alias to the Galera upstream name
+mv %{buildroot}/usr/share/doc/galera/garb.service %{buildroot}/usr/share/doc/galera/garbd.service
+sed -i 's/Alias=garbd.service/Alias=garb.service/g' %{buildroot}/usr/share/doc/galera/garbd.service
+
+# PATCH 2:
+#   Fix the hardcoded paths
+#     In the Systemd service file:
+sed -i 's;/usr/bin/garb-systemd;/usr/sbin/garb-systemd;g' %{buildroot}/usr/share/doc/galera/garbd.service
+#     In the wrapper script:
+sed -i 's;/usr/bin/garbd;/usr/sbin/garbd;g' %{buildroot}/usr/share/doc/galera/garb-systemd
+
+# PATCH 4:
+#  Use a dedicated user for the Systemd service
+#  To fix an security issue reported by Systemd:
+#
+## systemd[1]: /usr/lib/systemd/system/garb.service:14: Special user nobody configured, this is not safe!
+##   Subject: Special user nobody configured, this is not safe!
+##   Defined-By: systemd
+##   Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
+##   Documentation: https://systemd.io/UIDS-GIDS
+##
+##   The unit garb.service is configured to use User=nobody.
+##
+##   This is not safe. The nobody user's main purpose on Linux-based
+##   operating systems is to be the owner of files that otherwise cannot be mapped
+##   to any local user. It's used by the NFS client and Linux user namespacing,
+##   among others. By running a unit's processes under the identity of this user
+##   they might possibly get read and even write access to such files that cannot
+##   otherwise be mapped.
+##
+##   It is strongly recommended to avoid running services under this user identity,
+##   in particular on systems using NFS or running containers. Allocate a user ID
+##   specific to this service, either statically via systemd-sysusers or dynamically
+##   via the DynamicUser= service setting.
+sed -i 's/User=nobody/User=garb/g' %{buildroot}/usr/share/doc/galera/garbd.service
+
+# Install old service and wrapper to maintain compatibility
 install -D -m 644 %{SOURCE1} %{buildroot}%{_unitdir}/garbd.service
 install -D -m 755 %{SOURCE2} %{buildroot}%{_sbindir}/garbd-wrapper
-install -D -m 755 garb/garbd %{buildroot}%{_sbindir}/garbd
-install -D -m 755 libgalera_smm.so %{buildroot}%{_libdir}/galera/libgalera_smm.so
-install -D -m 644 garb/files/garb.cnf %{buildroot}%{_sysconfdir}/sysconfig/garb
-install -D -m 644 COPYING %{buildroot}%{_docdir}/galera/COPYING
-install -D -m 644 asio/LICENSE_1_0.txt %{buildroot}%{_docdir}/galera/LICENSE.asio
-install -D -m 644 scripts/packages/README %{buildroot}%{_docdir}/galera/README
-install -D -m 644 scripts/packages/README-MySQL %{buildroot}%{_docdir}/galera/README-MySQL
 
 
+%check
+%ctest
+
+
+%pre
+/usr/sbin/useradd -M -r -d /dev/null -s /sbin/nologin -c "Galera Arbitrator Daemon" garb >/dev/null 2>&1 || :
+
 %post
 /sbin/ldconfig
 %systemd_post garbd.service
@@ -81,19 +130,51 @@ install -D -m 644 scripts/packages/README-MySQL %{buildroot}%{_docdir}/galera/RE
 
 %files
 %config(noreplace,missingok) %{_sysconfdir}/sysconfig/garb
+
 %dir %{_docdir}/galera
 %dir %{_libdir}/galera
+
 %{_sbindir}/garbd
 %{_sbindir}/garbd-wrapper
+
+# PATCH 3:
+#   Make sure the wrapper script is executable
+%attr(755, -, -) %{_docdir}/galera/garb-systemd
+
+%{_mandir}/man8/garbd.8*
+
 %{_unitdir}/garbd.service
+%{_docdir}/galera/garbd.service
+
 %{_libdir}/galera/libgalera_smm.so
+
+%doc %{_docdir}/galera/AUTHORS
 %doc %{_docdir}/galera/COPYING
 %doc %{_docdir}/galera/LICENSE.asio
 %doc %{_docdir}/galera/README
-%doc %{_docdir}/galera/README-MySQL
+#%doc %{_docdir}/galera/README-MySQL
 
 
 %changelog
+* Sun Feb 20 2022 Michal Schorm <mschorm@redhat.com> - 26.4.11-1
+- Rebase to 26.4.11
+
+* Fri Jan 28 2022 Lukas Javorsky <ljavorsk@redhat.com> - 26.4.9-4
+- Use downstream garbd-wrapper and garbd.service to ensure compatibility
+- Add upstream versions of garbd-wrapper (called garbd-systemd) and garbd.service
+  in case user want's to use them
+
+* Wed Jan 19 2022 Lukas Javorsky <ljavorsk@redhat.com> - 26.4.9-3
+- Explicitly require the 'procps-ng' package
+- Otherwise it will not require it in the lightweight systems (e.g. containers)
+- and Galera won't work properly
+
+* Wed Jan 19 2022 Michal Schorm <mschorm@redhat.com> -     26.4.9-2
+- Switch from SCONS build tooling to CMAKE build tooling
+
+* Wed Jan 19 2022 Lukas Javorsky <ljavorsk@redhat.com> - 26.4.9-1
+- Rebase to 26.4.9
+
 * Mon Mar 22 2021 Michal Schorm <mschorm@redhat.com> - 26.4.7-1
 - Rebase to 26.4.7
 
diff --git a/sources b/sources
index 475b61a..7fc31ea 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (galera-26.4.7.tar.gz) = 6c5016aca151c4560db65bed309d8381080546030f003a5aa1177d68685eabbce44dfc2551db8756206831a898659b26d0904a48336b8ba22c0106260577543e
+SHA512 (galera-26.4.11.tar.gz) = 7f8f6c6633ca3cc782ec5e874303bf9e5343bffb0da5bbda50417750a1d22b4540bfaa2339a75c506214b7aa5ecc253fa4888c2e8e532751d4e904ca50001ecf