diff --git a/download b/download
index a84181ff683632e70b0bcc48953d20c4472eb467..b8ab6b4866f30d48ca71d586abe9c3f94552cc72 100644
--- a/download
+++ b/download
@@ -1,11 +1,5 @@
-http://build.openanolis.cn/kojifiles/upstream-source/gtk3-private-3.22.26-1.el6.src.rpm
-http://build.openanolis.cn/kojifiles/upstream-source/libffi-3.0.13-18.el7_3.src.rpm
-http://build.openanolis.cn/kojifiles/upstream-source/nodejs-10.21.0-5.fc32.src.rpm
-http://build.openanolis.cn/kojifiles/upstream-source/openssl-1.0.2k-19.6.bundle.el7_7.src.rpm
-http://build.openanolis.cn/kojifiles/upstream-source/yasm-1.2.0-3.el5.src.rpm
+http://build.openanolis.cn/kojifiles/upstream-source/firefox-91.6.0esr.processed-source.tar.xz
+http://build.openanolis.cn/kojifiles/upstream-source/firefox-langpacks-91.6.0esr-20220202.tar.xz
 http://build.openanolis.cn/kojifiles/upstream-source/cbindgen-vendor.tar.xz
-http://build.openanolis.cn/kojifiles/upstream-source/firefox-91.5.0esr.processed-source.tar.xz
-http://build.openanolis.cn/kojifiles/upstream-source/firefox-langpacks-91.5.0esr-20220106.tar.xz
-http://build.openanolis.cn/kojifiles/upstream-source/Python-2.7.13.tar.xz
 http://build.openanolis.cn/kojifiles/upstream-source/nspr-4.32.0-1.el8_1.src.rpm
 http://build.openanolis.cn/kojifiles/upstream-source/nss-3.67.0-7.el8_1.src.rpm
diff --git a/firefox-mozconfig b/firefox-mozconfig
index 9e8a32fff11fe0c6fae149d67dc91a6b263d969b..6c7afd7d44a87026d1ba27bb997222c5d080eb1a 100644
--- a/firefox-mozconfig
+++ b/firefox-mozconfig
@@ -12,7 +12,6 @@ ac_add_options --enable-chrome-format=omni
 ac_add_options --enable-pulseaudio
 ac_add_options --without-system-icu
 ac_add_options --enable-release
-ac_add_options --update-channel=release
 ac_add_options --allow-addon-sideload
 ac_add_options --with-system-jpeg
 ac_add_options --enable-js-shell
diff --git a/firefox-nss-addon-hack.patch b/firefox-nss-addon-hack.patch
new file mode 100644
index 0000000000000000000000000000000000000000..0322707726f9037f08c8c867e229252fd77efb13
--- /dev/null
+++ b/firefox-nss-addon-hack.patch
@@ -0,0 +1,19 @@
+diff -up firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp
+--- firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack      2021-01-11 12:12:02.585514543 +0100
++++ firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp       2021-01-11 12:47:50.345984582 +0100
+@@ -1619,6 +1619,15 @@ SECStatus InitializeNSS(const nsACString
+     return srv;
+   }
+
++  /* Sets the NSS_USE_ALG_IN_ANY_SIGNATURE bit.
++   * does not change NSS_USE_ALG_IN_CERT_SIGNATURE,
++   * so policy will still disable use of sha1 in
++   * certificate related signature processing. */
++  srv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_ANY_SIGNATURE, 0);
++  if (srv != SECSuccess) {
++    NS_WARNING("Unable to use SHA1 for Add-ons, expect broken/disabled Add-ons. See https://bugzilla.redhat.com/show_bug.cgi?id=1908018 for details.");
++  }
++
+   if (nssDbConfig == NSSDBConfig::ReadWrite) {
+     UniquePK11SlotInfo slot(PK11_GetInternalKeySlot());
+     if (!slot) {
diff --git a/firefox.spec b/firefox.spec
index ebe8a460ae30702762df74738df98bc0ec29f306..de1c293af6c16f76096725e3a9270f0bfd87ad44 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -129,7 +129,7 @@ end}
 
 Summary:        Mozilla Firefox Web browser
 Name:           firefox
-Version:        91.5.0
+Version:        91.6.0
 Release:        1%{anolis_release}%{?dist}
 URL:            https://www.mozilla.org/firefox/
 License:        MPLv1.1 or GPLv2+ or LGPLv2+
@@ -154,7 +154,7 @@ ExcludeArch:    aarch64 s390 ppc
 # Link to official tarball: https://hg.mozilla.org/releases/mozilla-release/archive/firefox-%%{version}%%{?pre_version}.source.tar.xz
 Source0:        firefox-%{version}%{?pre_version}.processed-source.tar.xz
 %if %{build_langpacks}
-Source1:        firefox-langpacks-%{version}%{?pre_version}-20220106.tar.xz
+Source1:        firefox-langpacks-%{version}%{?pre_version}-20220202.tar.xz
 %endif
 Source2:        cbindgen-vendor.tar.xz
 Source3:        process-official-tarball
@@ -185,6 +185,7 @@ Patch6:         build-nss-version.patch
 Patch215:        firefox-enable-addons.patch
 Patch219:        rhbz-1173156.patch
 Patch224:        mozilla-1170092.patch
+Patch225:        firefox-nss-addon-hack.patch
 
 # Upstream patches
 
@@ -425,6 +426,11 @@ echo "use_rustts            %{?use_rustts}"
 %patch219 -p1 -b .rhbz-1173156
 %patch224 -p1 -b .1170092
 
+# the nss changed in 8.6 and later, so addons are working in older releases
+%if 0%{?rhel_minor_version} >= 6
+%patch225 -p1 -b .firefox-nss-addon-hack
+%endif
+
 # Patch for big endian platforms only
 %if 0%{?big_endian}
 %endif
@@ -1247,13 +1253,23 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 #---------------------------------------------------------------------
 
 %changelog
-* Fri Jan 14 2022 Liwei Ge <geliwei@openanolis.org> - 91.5.0-1.0.1
+* Tue Feb 15 2022 Liwei Ge <geliwei@openanolis.org> - 91.6.0-1.0.1
 - Add firefox-anolis-default-prefs.js
 - Remove bookmarks
 
+* Wed Feb 02 2022 Eike Rathke <erack@redhat.com> - 91.6.0-1
+- Update to 91.6.0 build1
+
+* Wed Feb 02 2022 Jan Horak <jhorak@redhat.com> - 91.5.0-2
+- Use default update channel to fix non working enterprise policies:
+  rhbz#2044667
+
 * Thu Jan 06 2022 Eike Rathke <erack@redhat.com> - 91.5.0-1
 - Update to 91.5.0 build1
 
+* Mon Dec 13 2021 Jan Horak <jhorak@redhat.com> - 91.4.0-2
+- Added fix for failing addons signatures.
+
 * Wed Dec 01 2021 Eike Rathke <erack@redhat.com> - 91.4.0-1
 - Update to 91.4.0 build1