diff --git a/ChangeLog b/ChangeLog
index 3c61879de0..a297465c3a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Fri Aug 12 11:45:02 2016 Shugo Maeda
+
+ * lib/net/http/generic_rquest.rb (write_header): A Request-Line must
+ not contain CR or LF.
+
 Fri Aug 12 11:41:41 2016 Shugo Maeda

 * lib/net/ftp.rb (putline): raise an ArgumentError when
diff --git a/lib/net/http/generic_request.rb b/lib/net/http/generic_request.rb
index 00ff434ccf..959a3c6510 100644
--- a/lib/net/http/generic_request.rb
+++ b/lib/net/http/generic_request.rb
@@ -320,7 +320,12 @@ class Net::HTTPGenericRequest
 end

 def write_header(sock, ver, path)
- buf = "#{@method} #{path} HTTP/#{ver}\r\n"
+ reqline = "#{@method} #{path} HTTP/#{ver}"
+ if /[\r\n]/ =~ reqline
+ raise ArgumentError, "A Request-Line must not contain CR or LF"
+ end
+ buf = ""
+ buf << reqline << "\r\n"
 each_capitalized do |k,v|
 buf << "#{k}: #{v}\r\n"
 end
diff --git a/test/net/http/test_http.rb b/test/net/http/test_http.rb
index d3424769f0..0eabfa70a2 100644
--- a/test/net/http/test_http.rb
+++ b/test/net/http/test_http.rb
@@ -291,6 +291,17 @@ module TestNetHTTP_version_1_1_methods
 assert_equal $test_net_http_data, res.body
 end

+ def test_get__crlf
+ start {|http|
+ assert_raise(ArgumentError) do
+ http.get("\r")
+ end
+ assert_raise(ArgumentError) do
+ http.get("\n")
+ end
+ }
+ end
+
 def test_get2
 start {|http|
 http.get2('/') {|res|
diff --git a/version.h b/version.h
index 0f820af73a..4309eb8e64 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.2.6"
 #define RUBY_RELEASE_DATE "2016-08-12"
-#define RUBY_PATCHLEVEL 346
+#define RUBY_PATCHLEVEL 347

 #define RUBY_RELEASE_YEAR 2016
 #define RUBY_RELEASE_MONTH 8
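Review bot: In lib/net/http/generic_request.rb, the new CR/LF rejection in write_header covers only the request line; the header lines built in the `each_capitalized` loop directly below (`buf << "#{k}: #{v}\r\n"`) are interpolated with no check visible in this hunk. If header names or values can carry caller-supplied data and are not validated where they are set (that code is outside this diff), a CR or LF there would split the request in the same way, so that path should be confirmed or given the same rejection. I would also add a why-comment above the check, for example `# Reject CR/LF: a caller-supplied path must not be able to add request lines or headers`. write_header's body continues past the end of the hunk.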
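Review bot: In test/net/http/test_http.rb, test_get__crlf passes only a bare `"\r"` and a bare `"\n"` as the entire path, so it does not pin the case the check is there for: a CR or LF embedded after an otherwise valid path. An extra assertion such as `assert_raise(ArgumentError) { http.get("/\r\n") }` would cover it. Only `get` is exercised; since the check lives in write_header, which other request methods presumably share, one assertion through a second method (for example `http.head`) would catch a later code path that bypasses it. The test_get2 context lines at the end of the hunk continue outside it.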