diff --git a/.gitignore b/.gitignore
index 62b504a..dbcc072 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,22 +3,20 @@ SOURCES/backports-3.24.1.gem
 SOURCES/dacite-1.8.1.tar.gz
 SOURCES/dataclasses-0.8.tar.gz
 SOURCES/ethon-0.16.0.gem
-SOURCES/ffi-1.15.5.gem
+SOURCES/ffi-1.16.3.gem
 SOURCES/json-2.6.3.gem
 SOURCES/mustermann-2.0.2.gem
 SOURCES/nio4r-2.5.9.gem
 SOURCES/open4-1.3.4-1.gem
-SOURCES/pcs-0.10.17.tar.gz
-SOURCES/pcs-web-ui-0.1.13.tar.gz
-SOURCES/pcs-web-ui-node-modules-0.1.13.tar.xz
-SOURCES/puma-6.3.0.gem
+SOURCES/pcs-0.10.18.tar.gz
+SOURCES/puma-6.4.0.gem
 SOURCES/pyagentx-0.4.pcs.2.tar.gz
 SOURCES/python-dateutil-2.8.2.tar.gz
-SOURCES/rack-2.2.7.gem
+SOURCES/rack-2.2.8.gem
 SOURCES/rack-protection-2.2.4.gem
 SOURCES/rack-test-2.1.0.gem
-SOURCES/rexml-3.2.5.gem
+SOURCES/rexml-3.2.6.gem
 SOURCES/ruby2_keywords-0.0.5.gem
 SOURCES/sinatra-2.2.4.gem
-SOURCES/tilt-2.2.0.gem
+SOURCES/tilt-2.3.0.gem
 SOURCES/tornado-6.1.0.tar.gz
diff --git a/.pcs.metadata b/.pcs.metadata
index b95c22b..daef919 100644
--- a/.pcs.metadata
+++ b/.pcs.metadata
@@ -3,22 +3,20 @@
 07b26abbf7ff0dcba5c7f9e814ff7eebafefb058 SOURCES/dacite-1.8.1.tar.gz
 8b7598273d2ae6dad2b88466aefac55071a41926 SOURCES/dataclasses-0.8.tar.gz
 5b56a68268708c474bef04550639ded3add5e946 SOURCES/ethon-0.16.0.gem
-97632b7975067266c0b39596de0a4c86d9330658 SOURCES/ffi-1.15.5.gem
+10e4cf0e11ef4581ec4ad5fe2cdf3c78b6077d39 SOURCES/ffi-1.16.3.gem
 6d78f730b7f3b25fb3f93684fe1364acf58bce6b SOURCES/json-2.6.3.gem
 f5f804366823c1126791dfefd98dd0539563785c SOURCES/mustermann-2.0.2.gem
 2f65d371f5f37460ad74afcedcb97d2b41a46806 SOURCES/nio4r-2.5.9.gem
 41a7fe9f8e3e02da5ae76c821b89c5b376a97746 SOURCES/open4-1.3.4-1.gem
-12cbd247549ef3422825f9a87f0aad6115abc14f SOURCES/pcs-0.10.17.tar.gz
-f7455776936492ce7b241f9801d6bbc946b0461a SOURCES/pcs-web-ui-0.1.13.tar.gz
-bd18d97d611233914828719c97b4d98d079913d2 SOURCES/pcs-web-ui-node-modules-0.1.13.tar.xz
-77e706abd5f50cc4b6e175931dda25e902c46018 SOURCES/puma-6.3.0.gem
+b3cd873042b17021355b68f1f7aa313f0c1f3fee SOURCES/pcs-0.10.18.tar.gz
+d6049c4555f3c9d198e6eb1d7e53ce9b68e175ff SOURCES/puma-6.4.0.gem
 3176b2f2b332c2b6bf79fe882e83feecf3d3f011 SOURCES/pyagentx-0.4.pcs.2.tar.gz
 c2ba10c775b7a52a4b57cac4d4110a0c0f812a82 SOURCES/python-dateutil-2.8.2.tar.gz
-f60fea8846d18d6389fe22ef431fac9e9a8d796d SOURCES/rack-2.2.7.gem
+f0cdb53d6ed96f91851c32bccf9b21c4662afd2d SOURCES/rack-2.2.8.gem
 5347315a7283f0b04443e924ed4eaa17807432c8 SOURCES/rack-protection-2.2.4.gem
 ae09ea83748b55875edc3708fffba90db180cb8e SOURCES/rack-test-2.1.0.gem
-e7f48fa5fb2d92e6cb21d6b1638fe41a5a7c4287 SOURCES/rexml-3.2.5.gem
+c88fc3ffdbde9dd49b24b4d9876673533b4aba76 SOURCES/rexml-3.2.6.gem
 d017b9e4d1978e0b3ccc3e2a31493809e4693cd3 SOURCES/ruby2_keywords-0.0.5.gem
 fa6a6c98f885e93f54c23dd0454cae906e82c31b SOURCES/sinatra-2.2.4.gem
-6a06f99324246b8d4c443ce596789e64a0c05fe4 SOURCES/tilt-2.2.0.gem
+4a38a9a55887b2882182a2c5771e592efe514e5e SOURCES/tilt-2.3.0.gem
 c23c617c7a0205e465bebad5b8cdf289ae8402a2 SOURCES/tornado-6.1.0.tar.gz
diff --git a/SOURCES/RHEL-17280-01-disable-new-webui-routes.patch b/SOURCES/RHEL-17280-01-disable-new-webui-routes.patch
new file mode 100644
index 0000000..7d4841b
--- /dev/null
+++ b/SOURCES/RHEL-17280-01-disable-new-webui-routes.patch
@@ -0,0 +1,55 @@
+From 957856a556f5ed92129ce602538c3df3aebce7a3 Mon Sep 17 00:00:00 2001
+From: Ivan Devat <idevat@redhat.com>
+Date: Tue, 5 Dec 2023 15:18:35 +0100
+Subject: [PATCH 2/2] disable alternative webui routes
+
+This commit is intended to be downstream only.
+
+The new web ui was part of rhel8 as a technical preview. But new web ui
+is now the main in rhel9 and there is no need to keep it in rhel8.
+To prevent unnecessary maintenance burden it is disabled now.
+No handler code is removed, just routing disabled.
+---
+ pcs/daemon/run.py | 26 ++++++++++++++++----------
+ 1 file changed, 16 insertions(+), 10 deletions(-)
+
+diff --git a/pcs/daemon/run.py b/pcs/daemon/run.py
+index 7fdeda2a..0a6b1b21 100644
+--- a/pcs/daemon/run.py
++++ b/pcs/daemon/run.py
+@@ -81,16 +81,22 @@ def configure_app(
+             routes.extend(
+                 # old web ui by default
+                 [(r"/", RedirectHandler, dict(url="/manage"))]
+-                + [(r"/ui", RedirectHandler, dict(url="/ui/"))]
+-                + ui.get_routes(
+-                    url_prefix="/ui/",
+-                    app_dir=os.path.join(public_dir, "ui"),
+-                    fallback_page_path=os.path.join(
+-                        public_dir,
+-                        "ui_instructions.html",
+-                    ),
+-                    session_storage=session_storage,
+-                )
++                # The following disabled routes was for the new web ui. The new
++                # web ui was here as a technical preview. But new web ui is now
++                # the main in rhel9 and there is no need to keep it in rhel8.
++                # To prevent unnecessary maintenance burden it is disabled now.
++                # No handler code is removed, just routing disabled.
++                #
++                # + [(r"/ui", RedirectHandler, dict(url="/ui/"))]
++                # + ui.get_routes(
++                #     url_prefix="/ui/",
++                #     app_dir=os.path.join(public_dir, "ui"),
++                #     fallback_page_path=os.path.join(
++                #         public_dir,
++                #         "ui_instructions.html",
++                #     ),
++                #     session_storage=session_storage,
++                # )
+                 + sinatra_ui.get_routes(
+                     session_storage, ruby_pcsd_wrapper, public_dir
+                 )
+-- 
+2.43.0
+
diff --git a/SOURCES/bz2218841-01-fix-displaying-duplicate-records-in-property-command.patch b/SOURCES/bz2218841-01-fix-displaying-duplicate-records-in-property-command.patch
deleted file mode 100644
index 8658ab9..0000000
--- a/SOURCES/bz2218841-01-fix-displaying-duplicate-records-in-property-command.patch
+++ /dev/null
@@ -1,331 +0,0 @@
-From 13efdd334514daeff8a2f7c3e89c3ed6a64a9bef Mon Sep 17 00:00:00 2001
-From: Miroslav Lisik <mlisik@redhat.com>
-Date: Tue, 27 Jun 2023 11:59:00 +0200
-Subject: [PATCH 1/2] fix displaying duplicate records in property commands
-
----
- CHANGELOG.md                                  |  9 +++
- pcs/cli/cluster_property/output.py            | 65 +++++++++----------
- .../cli/cluster_property/test_command.py      | 15 +++++
- .../tier0/cli/cluster_property/test_output.py | 33 ++++++----
- .../lib/commands/test_cluster_property.py     | 28 ++++++++
- 5 files changed, 103 insertions(+), 47 deletions(-)
-
-diff --git a/CHANGELOG.md b/CHANGELOG.md
-index 0ca054e1..a1a4277f 100644
---- a/CHANGELOG.md
-+++ b/CHANGELOG.md
-@@ -1,5 +1,14 @@
- # Change Log
- 
-+## [Unreleased]
-+
-+### Fixed
-+- Do not display duplicate records in commands `pcs property [config] --all`
-+  and `pcs property describe` ([rhbz#2217850])
-+
-+[rhbz#2217850]: https://bugzilla.redhat.com/show_bug.cgi?id=2217850
-+
-+
- ## [0.10.17] - 2023-06-19
- 
- ### Added
-diff --git a/pcs/cli/cluster_property/output.py b/pcs/cli/cluster_property/output.py
-index 12d626f1..1af93ea3 100644
---- a/pcs/cli/cluster_property/output.py
-+++ b/pcs/cli/cluster_property/output.py
-@@ -34,21 +34,15 @@ class PropertyConfigurationFacade:
-         readonly_properties: StringCollection,
-     ) -> None:
-         self._properties = properties
-+        self._first_nvpair_set = (
-+            self._properties[0].nvpairs if self._properties else []
-+        )
-         self._properties_metadata = properties_metadata
-         self._readonly_properties = readonly_properties
--        self._defaults_map = {
--            metadata.name: metadata.default
--            for metadata in self._properties_metadata
--            if metadata.default is not None
-+        self._defaults_map = self.get_defaults(include_advanced=True)
-+        self._name_nvpair_dto_map = {
-+            nvpair_dto.name: nvpair_dto for nvpair_dto in self._first_nvpair_set
-         }
--        self._name_nvpair_dto_map = (
--            {
--                nvpair_dto.name: nvpair_dto
--                for nvpair_dto in self._properties[0].nvpairs
--            }
--            if self._properties
--            else {}
--        )
- 
-     @classmethod
-     def from_properties_dtos(
-@@ -108,17 +102,6 @@ class PropertyConfigurationFacade:
-             return value
-         return self._defaults_map.get(property_name, custom_default)
- 
--    @staticmethod
--    def _filter_names_advanced(
--        metadata: ResourceAgentParameterDto,
--        property_names: Optional[StringSequence] = None,
--        include_advanced: bool = False,
--    ) -> bool:
--        return bool(
--            (not property_names and (include_advanced or not metadata.advanced))
--            or (property_names and metadata.name in property_names)
--        )
--
-     def get_defaults(
-         self,
-         property_names: Optional[StringSequence] = None,
-@@ -126,11 +109,10 @@ class PropertyConfigurationFacade:
-     ) -> Dict[str, str]:
-         return {
-             metadata.name: metadata.default
--            for metadata in self._properties_metadata
--            if metadata.default is not None
--            and self._filter_names_advanced(
--                metadata, property_names, include_advanced
-+            for metadata in self.get_properties_metadata(
-+                property_names, include_advanced
-             )
-+            if metadata.default is not None
-         }
- 
-     def get_properties_metadata(
-@@ -138,23 +120,34 @@ class PropertyConfigurationFacade:
-         property_names: Optional[StringSequence] = None,
-         include_advanced: bool = False,
-     ) -> Sequence[ResourceAgentParameterDto]:
--        return [
--            metadata
--            for metadata in self._properties_metadata
--            if self._filter_names_advanced(
--                metadata, property_names, include_advanced
--            )
--        ]
-+        if property_names:
-+            filtered_metadata = [
-+                metadata
-+                for metadata in self._properties_metadata
-+                if metadata.name in property_names
-+            ]
-+        else:
-+            filtered_metadata = [
-+                metadata
-+                for metadata in self._properties_metadata
-+                if include_advanced or not metadata.advanced
-+            ]
-+        deduplicated_metadata = {
-+            metadata.name: metadata for metadata in filtered_metadata
-+        }
-+        return list(deduplicated_metadata.values())
- 
-     def get_name_value_default_list(self) -> List[Tuple[str, str, bool]]:
-         name_value_default_list = [
-             (nvpair_dto.name, nvpair_dto.value, False)
--            for nvpair_dto in self._name_nvpair_dto_map.values()
-+            for nvpair_dto in self._first_nvpair_set
-         ]
-         name_value_default_list.extend(
-             [
-                 (metadata_dto.name, metadata_dto.default, True)
--                for metadata_dto in self._properties_metadata
-+                for metadata_dto in self.get_properties_metadata(
-+                    include_advanced=True
-+                )
-                 if metadata_dto.name not in self._name_nvpair_dto_map
-                 and metadata_dto.default is not None
-             ]
-diff --git a/pcs_test/tier0/cli/cluster_property/test_command.py b/pcs_test/tier0/cli/cluster_property/test_command.py
-index 14c8f6c1..702266f0 100644
---- a/pcs_test/tier0/cli/cluster_property/test_command.py
-+++ b/pcs_test/tier0/cli/cluster_property/test_command.py
-@@ -21,6 +21,21 @@ from pcs_test.tools.misc import dict_to_modifiers
- 
- FIXTURE_PROPERTY_METADATA = ClusterPropertyMetadataDto(
-     properties_metadata=[
-+        ResourceAgentParameterDto(
-+            name="property_name",
-+            shortdesc="Duplicate property",
-+            longdesc=None,
-+            type="string",
-+            default="duplicate_default",
-+            enum_values=None,
-+            required=False,
-+            advanced=False,
-+            deprecated=False,
-+            deprecated_by=[],
-+            deprecated_desc=None,
-+            unique_group=None,
-+            reloadable=False,
-+        ),
-         ResourceAgentParameterDto(
-             name="property_name",
-             shortdesc=None,
-diff --git a/pcs_test/tier0/cli/cluster_property/test_output.py b/pcs_test/tier0/cli/cluster_property/test_output.py
-index a4281a74..f10b0492 100644
---- a/pcs_test/tier0/cli/cluster_property/test_output.py
-+++ b/pcs_test/tier0/cli/cluster_property/test_output.py
-@@ -21,6 +21,7 @@ FIXTURE_TWO_PROPERTY_SETS = [
-             CibNvpairDto(id="", name="readonly2", value="ro_val2"),
-             CibNvpairDto(id="", name="property2", value="val2"),
-             CibNvpairDto(id="", name="property1", value="val1"),
-+            CibNvpairDto(id="", name="property1", value="duplicate_val1"),
-         ],
-     ),
-     CibNvsetDto(
-@@ -39,6 +40,7 @@ FIXTURE_READONLY_PROPERTIES_LIST = ["readonly1", "readonly2"]
- FIXTURE_TEXT_OUTPUT_FIRST_SET = dedent(
-     """\
-     Cluster Properties: id1 score=150
-+      property1=duplicate_val1
-       property1=val1
-       property2=val2
-       readonly1=ro_val1
-@@ -49,7 +51,7 @@ FIXTURE_TEXT_OUTPUT_FIRST_SET = dedent(
- FIXTURE_LEGACY_TEXT_OUTPUT_FIRST_SET = dedent(
-     """\
-     Cluster Properties:
--     property1: val1
-+     property1: duplicate_val1
-      property2: val2
-      readonly1: ro_val1
-      readonly2: ro_val2
-@@ -85,6 +87,7 @@ def fixture_property_metadata(
- 
- 
- FIXTURE_PROPERTY_METADATA_LIST = [
-+    fixture_property_metadata(name="property1", default="duplicate_default1"),
-     fixture_property_metadata(name="property1", default="default1"),
-     fixture_property_metadata(name="property2", default="default2"),
-     fixture_property_metadata(
-@@ -164,7 +167,7 @@ class TestPropertyConfigurationFacadeGetPropertyValue(TestCase):
-         )
- 
-     def test_property_value_from_first_set(self):
--        self.assertEqual(self.facade.get_property_value("property1"), "val1")
-+        self.assertEqual(self.facade.get_property_value("property2"), "val2")
- 
-     def test_property_value_from_second_set(self):
-         self.assertEqual(self.facade.get_property_value("property3"), None)
-@@ -180,6 +183,11 @@ class TestPropertyConfigurationFacadeGetPropertyValue(TestCase):
-             "custom",
-         )
- 
-+    def test_property_with_multiple_values(self):
-+        self.assertEqual(
-+            self.facade.get_property_value("property1"), "duplicate_val1"
-+        )
-+
- 
- class TestPropertyConfigurationFacadeGetPropertyValueOrDefault(TestCase):
-     def setUp(self):
-@@ -191,7 +199,7 @@ class TestPropertyConfigurationFacadeGetPropertyValueOrDefault(TestCase):
- 
-     def test_property_value_from_first_set(self):
-         self.assertEqual(
--            self.facade.get_property_value_or_default("property1"), "val1"
-+            self.facade.get_property_value_or_default("property2"), "val2"
-         )
- 
-     def test_property_value_not_in_set(self):
-@@ -267,21 +275,22 @@ class TestPropertyConfigurationFacadeGetPropertiesMetadata(TestCase):
-         )
- 
-     def test_metadata_without_advanced(self):
--        metadata = FIXTURE_PROPERTY_METADATA_LIST[0:2]
--        self.assertEqual(self.facade.get_properties_metadata(), metadata)
-+        metadata = FIXTURE_PROPERTY_METADATA_LIST[1:3]
-+        self.assertCountEqual(self.facade.get_properties_metadata(), metadata)
- 
-     def test_metadata_with_advanced(self):
--        metadata = FIXTURE_PROPERTY_METADATA_LIST
--        self.assertEqual(
--            self.facade.get_properties_metadata(include_advanced=True), metadata
-+        metadata = FIXTURE_PROPERTY_METADATA_LIST[1:]
-+        self.assertCountEqual(
-+            self.facade.get_properties_metadata(include_advanced=True),
-+            metadata,
-         )
- 
-     def test_metadata_specified(self):
-         metadata = (
--            FIXTURE_PROPERTY_METADATA_LIST[0:1]
-+            FIXTURE_PROPERTY_METADATA_LIST[1:2]
-             + FIXTURE_PROPERTY_METADATA_LIST[-1:]
-         )
--        self.assertEqual(
-+        self.assertCountEqual(
-             self.facade.get_properties_metadata(
-                 property_names=["property4", "property1"]
-             ),
-@@ -303,6 +312,7 @@ class TestPropertyConfigurationFacadeGetNameValueDefaultList(TestCase):
-             ("readonly2", "ro_val2", False),
-             ("property2", "val2", False),
-             ("property1", "val1", False),
-+            ("property1", "duplicate_val1", False),
-             ("property3", "default3", True),
-             ("property4", "default4", True),
-         ]
-@@ -531,7 +541,8 @@ class TestPropertiesToCmd(TestCase):
-             """\
-             pcs property set --force -- \\
-               property2=val2 \\
--              property1=val1
-+              property1=val1 \\
-+              property1=duplicate_val1
-             """
-         )
-         self.assert_lines(facade, output)
-diff --git a/pcs_test/tier0/lib/commands/test_cluster_property.py b/pcs_test/tier0/lib/commands/test_cluster_property.py
-index 4a985b5d..92486703 100644
---- a/pcs_test/tier0/lib/commands/test_cluster_property.py
-+++ b/pcs_test/tier0/lib/commands/test_cluster_property.py
-@@ -890,6 +890,10 @@ class TestGetProperties(TestCase):
-         )
-         self.env_assist.assert_reports([])
- 
-+    @mock.patch(
-+        "pcs.lib.cib.rule.in_effect.has_rule_in_effect_status_tool",
-+        lambda: True,
-+    )
-     def test_evaluate_expired_but_no_set_rule(self):
-         self.config.runner.cib.load(
-             crm_config=fixture_crm_config_properties([("set_id", {})])
-@@ -903,6 +907,30 @@ class TestGetProperties(TestCase):
-             ),
-         )
- 
-+    @mock.patch(
-+        "pcs.lib.cib.rule.in_effect.has_rule_in_effect_status_tool",
-+        lambda: False,
-+    )
-+    def test_evaluate_expired_no_status_tool(self):
-+        self.config.runner.cib.load(
-+            crm_config=fixture_crm_config_properties([("set_id", {})])
-+        )
-+        self.assertEqual(
-+            self.command(evaluate_expired=True),
-+            ListCibNvsetDto(
-+                nvsets=[
-+                    CibNvsetDto(id="set_id", options={}, rule=None, nvpairs=[])
-+                ]
-+            ),
-+        )
-+        self.env_assist.assert_reports(
-+            [
-+                fixture.warn(
-+                    reports.codes.RULE_IN_EFFECT_STATUS_DETECTION_NOT_SUPPORTED,
-+                )
-+            ]
-+        )
-+
- 
- class TestGetPropertiesMetadata(MetadataErrorMixin, TestCase):
-     _load_cib_when_metadata_error = False
--- 
-2.41.0
-
diff --git a/SOURCES/bz2219388-01-use-a-filter-when-extracting-a-config-backup-tarball.patch b/SOURCES/bz2219388-01-use-a-filter-when-extracting-a-config-backup-tarball.patch
deleted file mode 100644
index 8a3ea41..0000000
--- a/SOURCES/bz2219388-01-use-a-filter-when-extracting-a-config-backup-tarball.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From 592f79d7e6885b7b82275dc22961009d31b6ad52 Mon Sep 17 00:00:00 2001
-From: Tomas Jelinek <tojeline@redhat.com>
-Date: Tue, 11 Jul 2023 14:09:17 +0200
-Subject: [PATCH 2/2] use a filter when extracting a config backup tarball
-
----
- CHANGELOG.md  |  5 +++++
- pcs/config.py | 26 ++++++++++++++++++++++++--
- 2 files changed, 29 insertions(+), 2 deletions(-)
-
-diff --git a/CHANGELOG.md b/CHANGELOG.md
-index a1a4277f..4c3b44d8 100644
---- a/CHANGELOG.md
-+++ b/CHANGELOG.md
-@@ -2,11 +2,16 @@
- 
- ## [Unreleased]
- 
-+### Security
-+- Make use of filters when extracting tarballs to enhance security if provided
-+  by Python (`pcs config restore` command) ([rhbz#2219388])
-+
- ### Fixed
- - Do not display duplicate records in commands `pcs property [config] --all`
-   and `pcs property describe` ([rhbz#2217850])
- 
- [rhbz#2217850]: https://bugzilla.redhat.com/show_bug.cgi?id=2217850
-+[rhbz#2219388]: https://bugzilla.redhat.com/show_bug.cgi?id=2219388
- 
- 
- ## [0.10.17] - 2023-06-19
-diff --git a/pcs/config.py b/pcs/config.py
-index 39adbc76..26d467a5 100644
---- a/pcs/config.py
-+++ b/pcs/config.py
-@@ -516,14 +516,36 @@ def config_restore_local(infile_name, infile_obj):
-                 if "rename" in extract_info and extract_info["rename"]:
-                     if tmp_dir is None:
-                         tmp_dir = tempfile.mkdtemp()
--                    tarball.extractall(tmp_dir, [tar_member_info])
-+                    if hasattr(tarfile, "data_filter"):
-+                        # Safe way of extraction is available since Python 3.12,
-+                        # hasattr above checks if it's available.
-+                        # It's also backported to 3.11.4, 3.10.12, 3.9.17.
-+                        # It may be backported to older versions in downstream.
-+                        tarball.extractall(
-+                            tmp_dir, [tar_member_info], filter="data"
-+                        )
-+                    else:
-+                        # Unsafe way of extraction
-+                        # Remove once we don't support Python 3.8 and older
-+                        tarball.extractall(tmp_dir, [tar_member_info])
-                     path_full = extract_info["path"]
-                     shutil.move(
-                         os.path.join(tmp_dir, tar_member_info.name), path_full
-                     )
-                 else:
-                     dir_path = os.path.dirname(extract_info["path"])
--                    tarball.extractall(dir_path, [tar_member_info])
-+                    if hasattr(tarfile, "data_filter"):
-+                        # Safe way of extraction is available since Python 3.12,
-+                        # hasattr above checks if it's available.
-+                        # It's also backported to 3.11.4, 3.10.12, 3.9.17.
-+                        # It may be backported to older versions in downstream.
-+                        tarball.extractall(
-+                            dir_path, [tar_member_info], filter="data"
-+                        )
-+                    else:
-+                        # Unsafe way of extracting
-+                        # Remove once we don't support Python 3.8 and older
-+                        tarball.extractall(dir_path, [tar_member_info])
-                     path_full = os.path.join(dir_path, tar_member_info.name)
-                 file_attrs = extract_info["attrs"]
-                 os.chmod(path_full, file_attrs["mode"])
--- 
-2.41.0
-
diff --git a/SOURCES/do-not-support-cluster-setup-with-udp-u-transport.patch b/SOURCES/do-not-support-cluster-setup-with-udp-u-transport.patch
index 6d8cdfc..dde0cda 100644
--- a/SOURCES/do-not-support-cluster-setup-with-udp-u-transport.patch
+++ b/SOURCES/do-not-support-cluster-setup-with-udp-u-transport.patch
@@ -1,7 +1,7 @@
-From 31d18e79bd780614a8d3a6590dc9022094743da5 Mon Sep 17 00:00:00 2001
+From 854efcf148c82e5a5e4f0afd71cc3333ea4a8ce4 Mon Sep 17 00:00:00 2001
 From: Ivan Devat <idevat@redhat.com>
 Date: Tue, 20 Nov 2018 15:03:56 +0100
-Subject: [PATCH] do not support cluster setup with udp(u) transport
+Subject: [PATCH 1/2] do not support cluster setup with udp(u) transport
 
 ---
  pcs/pcs.8.in              | 2 ++
@@ -10,7 +10,7 @@ Subject: [PATCH] do not support cluster setup with udp(u) transport
  3 files changed, 6 insertions(+)
 
 diff --git a/pcs/pcs.8.in b/pcs/pcs.8.in
-index 4d8f1bae..b30d420c 100644
+index d504e8b4..93202d05 100644
 --- a/pcs/pcs.8.in
 +++ b/pcs/pcs.8.in
 @@ -438,6 +438,8 @@ By default, encryption is enabled with cipher=aes256 and hash=sha256. To disable
@@ -23,10 +23,10 @@ index 4d8f1bae..b30d420c 100644
  .br
  Transport options are: ip_version, netmtu
 diff --git a/pcs/usage.py b/pcs/usage.py
-index dee8639f..9bb7afb8 100644
+index f4b84202..ee10370a 100644
 --- a/pcs/usage.py
 +++ b/pcs/usage.py
-@@ -1036,6 +1036,7 @@ Commands:
+@@ -1038,6 +1038,7 @@ Commands:
              hash=sha256. To disable encryption, set cipher=none and hash=none.
  
          Transports udp and udpu:
@@ -49,5 +49,5 @@ index 2f26e831..a7702ac4 100644
  #csetup-transport-options.knet .without-knet
  {
 -- 
-2.41.0
+2.43.0
 
diff --git a/SPECS/pcs.spec b/SPECS/pcs.spec
index 80c1239..542f22f 100644
--- a/SPECS/pcs.spec
+++ b/SPECS/pcs.spec
@@ -1,6 +1,6 @@
 Name: pcs
-Version: 0.10.17
-Release: 2%{?dist}
+Version: 0.10.18
+Release: 1%{?dist}
 # https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/
 # https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses
 # GPL-2.0-only: pcs
@@ -22,14 +22,9 @@ ExclusiveArch: i686 x86_64 s390x ppc64le aarch64
 
 # When specifying a commit, use its long hash
 %global version_or_commit %{version}
-# %%global version_or_commit d5642c2ede0d6555603bc385dc35e581d2f0fddd
+# %%global version_or_commit 1fa11fa39029896939a5545968ed60ede714b992
 %global pcs_source_name %{name}-%{version_or_commit}
 
-# ui_commit can be determined by hash, tag or branch
-%global ui_commit 0.1.13
-%global ui_modules_version 0.1.13
-%global ui_src_name pcs-web-ui-%{ui_commit}
-
 %global pcs_snmp_pkg_name  pcs-snmp
 
 %global pyagentx_version   0.4.pcs.2
@@ -38,19 +33,19 @@ ExclusiveArch: i686 x86_64 s390x ppc64le aarch64
 %global dateutil_version  2.8.2
 %global version_rubygem_backports  3.24.1
 %global version_rubygem_ethon  0.16.0
-%global version_rubygem_ffi  1.15.5
+%global version_rubygem_ffi  1.16.3
 %global version_rubygem_json  2.6.3
 %global version_rubygem_mustermann  2.0.2
 %global version_rubygem_nio4r 2.5.9
 %global version_rubygem_open4  1.3.4
-%global version_rubygem_puma 6.3.0
-%global version_rubygem_rack  2.2.7
+%global version_rubygem_puma 6.4.0
+%global version_rubygem_rack  2.2.8
 %global version_rubygem_rack_protection  2.2.4
 %global version_rubygem_rack_test  2.1.0
-%global version_rubygem_rexml  3.2.5
+%global version_rubygem_rexml  3.2.6
 %global version_rubygem_ruby2_keywords  0.0.5
 %global version_rubygem_sinatra  2.2.4
-%global version_rubygem_tilt  2.2.0
+%global version_rubygem_tilt  2.3.0
 
 # javascript bundled libraries for old web-ui
 %global ember_version 1.4.0
@@ -116,17 +111,10 @@ Source93: https://rubygems.org/downloads/nio4r-%{version_rubygem_nio4r}.gem
 Source94: https://rubygems.org/downloads/puma-%{version_rubygem_puma}.gem
 Source95: https://rubygems.org/downloads/ruby2_keywords-%{version_rubygem_ruby2_keywords}.gem
 
-Source100: https://github.com/ClusterLabs/pcs-web-ui/archive/%{ui_commit}/%{ui_src_name}.tar.gz
-Source101: https://github.com/ClusterLabs/pcs-web-ui/releases/download/%{ui_modules_version}/pcs-web-ui-node-modules-%{ui_modules_version}.tar.xz
-
 # pcs patches: <= 200
 # Patch1: bzNUMBER-01-name.patch
 Patch1: do-not-support-cluster-setup-with-udp-u-transport.patch
-Patch2: bz2218841-01-fix-displaying-duplicate-records-in-property-command.patch
-Patch3: bz2219388-01-use-a-filter-when-extracting-a-config-backup-tarball.patch
-
-# ui patches: >200
-# Patch201: bzNUMBER-01-name.patch
+Patch2: RHEL-17280-01-disable-new-webui-routes.patch
 
 # git for patches
 BuildRequires: git-core
@@ -171,9 +159,6 @@ BuildRequires: overpass-fonts
 # Red Hat logo for creating symlink of favicon
 BuildRequires: redhat-logos
 
-# for building web ui
-BuildRequires: npm
-
 # cluster stack packages for pkg-config
 BuildRequires: booth
 BuildRequires: corosync-qdevice-devel
@@ -313,18 +298,12 @@ update_times_patch(){
 # documentation for setup/autosetup/autopatch:
 #   * http://ftp.rpm.org/max-rpm/s1-rpm-inside-macros.html
 #   * https://rpm-software-management.github.io/rpm/manual/autosetup.html
-# patch web-ui sources
-%autosetup -D -T -b 100 -a 101 -S git -n %{ui_src_name} -N
-%autopatch -p1 -m 201
-# update_times_patch %%{PATCH201}
-
 # patch pcs sources
 %autosetup -S git -n %{pcs_source_name} -N
 %autopatch -p1 -M 200
 # update_times_patch %%{PATCH1}
 update_times_patch %{PATCH1}
 update_times_patch %{PATCH2}
-update_times_patch %{PATCH3}
 
 # generate .tarball-version if building from an untagged commit, not a released version
 # autogen uses git-version-gen which uses .tarball-version for generating version number
@@ -370,20 +349,21 @@ cp -f %SOURCE45 rpm/
 %define debug_package %{nil}
 
 ./autogen.sh
-%{configure} --enable-local-build --enable-use-local-cache-only --enable-individual-bundling --enable-booth-enable-authfile-set --enable-booth-enable-authfile-unset PYTHON=%{__python3} ruby_CFLAGS="%{optflags}" ruby_LIBS="%{build_ldflags}"
+%{configure} --enable-local-build --enable-use-local-cache-only \
+  --enable-individual-bundling \
+  --enable-booth-enable-authfile-set --enable-booth-enable-authfile-unset \
+  PYTHON=%{__python3} ruby_CFLAGS="%{optflags}" ruby_LIBS="%{build_ldflags}"
 make all
 
-# build pcs-web-ui
-make -C %{_builddir}/%{ui_src_name} build BUILD_USE_EXISTING_NODE_MODULES=true
-
 %install
 rm -rf $RPM_BUILD_ROOT
 pwd
 
 %make_install
 
-# something like make install for pcs-web-ui
-cp -r %{_builddir}/%{ui_src_name}/build  ${RPM_BUILD_ROOT}%{_libdir}/%{pcsd_public_dir}/ui
+# RHEL-7715 - fix rubygem permissions - remove write access for owner's group
+# and other users
+chmod --recursive g-w,o-w ${RPM_BUILD_ROOT}%{_libdir}/%{rubygem_bundle_dir}
 
 # prepare license files
 # some rubygems do not have a license file (thin)
@@ -580,6 +560,29 @@ remove_all_tests
 %license pyagentx_LICENSE.txt
 
 %changelog
+* Mon Jan 8 2024 Michal Pospisil <mpospisi@redhat.com> - 0.10.18-1
+- Rebased to the latest sources (see CHANGELOG.md)
+  Resolves: RHEL-7741
+
+* Fri Dec 8 2023 Michal Pospisil <mpospisi@redhat.com> - 0.10.17-6
+- Rebased to the latest upstream sources (see CHANGELOG.md)
+- Remove the preview of the new pcs web interface
+  Resolves: RHEL-17280
+
+* Tue Nov 14 2023 Michal Pospisil <mpospisi@redhat.com> - 0.10.17-5
+- Rebased to the latest upstream sources (see CHANGELOG.md)
+  Resolves: RHEL-7584, RHEL-7668, RHEL-7729, RHEL-7731, RHEL-7732, RHEL-7741, RHEL-7742, RHEL-7743, RHEL-7745, RHEL-8467
+- Tightened permissions of bundled rubygems to be 755 or stricter
+  Resolves: RHEL-7715
+
+* Mon Nov 6 2023 Michal Pospisil <mpospisi@redhat.com> - 0.10.17-4
+- No changes, fixed an error in the new quality control process
+- Resolves: RHEL-15218
+
+* Wed Nov 1 2023 Michal Pospisil <mpospisi@redhat.com> - 0.10.17-3
+- No changes, testing a new quality control process
+- Resolves: RHEL-15218
+
 * Thu Jul 13 2023 Michal Pospisil <mpospisi@redhat.com> - 0.10.17-2
 - Make use of filters when extracting tarballs to enhance security if provided by Python (`pcs config restore` command)
 - Do not display duplicate records in commands `pcs property [config] --all` and `pcs property describe`