diff --git a/CVE-2022-1802.patch b/CVE-2022-1802.patch
new file mode 100644
index 0000000000000000000000000000000000000000..83aa517876c20e03a4beff15cec5dd4dc1862a81
--- /dev/null
+++ b/CVE-2022-1802.patch
@@ -0,0 +1,47 @@
+From d7ee6342bf9a63dc47fd28567008c44cd6e44bad Mon Sep 17 00:00:00 2001
+From: Peter Van der Beken
+Date: Thu, 19 May 2022 14:31:53 +0000 (22 months ago)
+Subject: [PATCH] CVE-2022-1802
+
+---
+ dom/notification/old/NotificationDB.jsm | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/dom/notification/old/NotificationDB.jsm b/dom/notification/old/NotificationDB.jsm
+index e950404f50..06c4d40680 100644
+--- a/dom/notification/old/NotificationDB.jsm
++++ b/dom/notification/old/NotificationDB.jsm
+@@ -40,8 +40,8 @@ var NotificationDB = {
+ return;
+ }
+
+- this.notifications = {};
+- this.byTag = {};
++ this.notifications = Object.create(null);
++ this.byTag = Object.create(null);
+ this.loaded = false;
+
+ this.tasks = []; // read/write operation queue
+@@ -111,7 +111,7 @@ var NotificationDB = {
+ // populate the list of notifications by tag
+ if (this.notifications) {
+ for (var origin in this.notifications) {
+- this.byTag[origin] = {};
++ this.byTag[origin] = Object.create(null);
+ for (var id in this.notifications[origin]) {
+ var curNotification = this.notifications[origin][id];
+ if (curNotification.tag) {
+@@ -344,8 +344,8 @@ var NotificationDB = {
+ var origin = data.origin;
+ var notification = data.notification;
+ if (!this.notifications[origin]) {
+- this.notifications[origin] = {};
+- this.byTag[origin] = {};
++ this.notifications[origin] = Object.create(null);
++ this.byTag[origin] = Object.create(null);
+ }
+
+ // We might have existing notification with this tag,
+--
+2.27.0
+
diff --git a/firefox.spec b/firefox.spec
index 11dbbc5eb9471e3d71ac1901ca523720000edf1d..56c6f3f4eceb63cabbecf8137fa782dc4efd1e7d 100644
--- a/firefox.spec
+++ b/firefox.spec
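Review bot: The existence check in the third NotificationDB.jsm hunk, `if (!this.notifications[origin])`, still resolves inherited properties whenever `this.notifications` is an ordinary object, so the new `Object.create(null)` initialisation can be skipped for an origin string that matches an inherited name. The null-prototype map is only established by the first hunk's initialisation; if the load path reassigns `this.notifications` from parsed file contents before the `for (var origin in this.notifications)` loop (that assignment is outside the hunk, so this is an assumption to confirm), the top-level and per-origin maps are plain objects again and only `byTag[origin]` is hardened. An explicit own-property test such as `if (!Object.prototype.hasOwnProperty.call(this.notifications, origin))` would hold in both cases. All three enclosing functions start and end outside their hunks. The patch header also carries no upstream bug or changeset reference, so it is worth confirming against the upstream advisory that this NotificationDB change is the complete fix tracked under the CVE named in the subject.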
@@ -88,7 +88,7 @@ Summary: Mozilla Firefox Web browser Name: firefox Version: 79.0 -Release: 16 +Release: 17 URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz @@ -195,6 +195,7 @@ Patch651: CVE-2023-4863-2.patch Patch652: CVE-2023-5217.patch Patch653: CVE-2023-7104.patch Patch654: CVE-2022-22755.patch +Patch655: CVE-2022-1802.patch @@ -386,6 +387,7 @@ tar -xf %{SOURCE3} %patch652 -p1 %patch653 -p1 %patch654 -p1 +%patch655 -p1 %{__rm} -f .mozconfig @@ -835,6 +837,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Thu Mar 21 2024 lvfei - 79.0-17 +- Fix CVE-2022-1802 + * Mon Mar 04 2024 lvfei - 79.0-16 - fix CVE-2022-22755