diff --git a/ruby-2.4.0-SMTP-injection-fix.patch b/ruby-2.4.0-SMTP-injection-fix.patch
new file mode 100644
index 0000000..569c69b
--- /dev/null
+++ b/ruby-2.4.0-SMTP-injection-fix.patch
@@ -0,0 +1,122 @@
+From ea7b67981156f3eaee8420bb34c49605573387a5 Mon Sep 17 00:00:00 2001
+From: shugo
+Date: Wed, 8 Jun 2016 07:06:57 +0000
+Subject: [PATCH] Security: backport SMTP injection fix
+
+* lib/net/smtp.rb (getok, get_response): raise an ArgumentError when
+CR or LF is included in a line, because they are not allowed in
+RFC5321.
+
+https://hackerone.com/reports/137631
+---
+ ChangeLog | 6 ++++++
+ lib/net/smtp.rb | 9 +++++++++
+ test/net/smtp/test_smtp.rb | 47 ++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 62 insertions(+)
+
+diff --git a/ChangeLog b/ChangeLog
+index ab9a6bf18281..5176d362881b 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,9 @@
++Sun Jun 11 21:25:09 2017 Shugo Maeda
++
++ * lib/net/smtp.rb (getok, get_response): raise an ArgumentError when
++ CR or LF is included in a line, because they are not allowed in
++ RFC5321. https://hackerone.com/reports/137631 [Backport 0827a7e]
++
+ Wed Jul 5 15:55:35 2017 NAKAMURA Usaku
+
+ * ext/openssl/ossl_cipher.c: remove the encryption key initialization
+diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb
+index d634274c3ee8..78f2181d2a8b 100644
+--- a/lib/net/smtp.rb
++++ b/lib/net/smtp.rb
+@@ -926,7 +926,15 @@ def quit
+
+ private
+
++ def validate_line(line)
++ # A bare CR or LF is not allowed in RFC5321.
++ if /[\r\n]/ =~ line
++ raise ArgumentError, "A line must not contain CR or LF"
++ end
++ end
++
+ def getok(reqline)
++ validate_line reqline
+ res = critical {
+ @socket.writeline reqline
+ recv_response()
+@@ -936,6 +944,7 @@ def getok(reqline)
+ end
+
+ def get_response(reqline)
++ validate_line reqline
+ @socket.writeline reqline
+ recv_response()
+ end
+diff --git a/test/net/smtp/test_smtp.rb b/test/net/smtp/test_smtp.rb
+index 0edb3419d56e..3bcceb6fc5bb 100644
+--- a/test/net/smtp/test_smtp.rb
++++ b/test/net/smtp/test_smtp.rb
+@@ -6,6 +6,8 @@
+ module Net
+ class TestSMTP < Test::Unit::TestCase
+ class FakeSocket
++ attr_reader :write_io
++
+ def initialize out = "250 OK\n"
+ @write_io = StringIO.new
+ @read_io = StringIO.new out
+@@ -51,5 +53,50 @@ def test_rset
+
+ assert smtp.rset
+ end
++
++ def test_mailfrom
++ sock = FakeSocket.new
++ smtp = Net::SMTP.new 'localhost', 25
++ smtp.instance_variable_set :@socket, sock
++ assert smtp.mailfrom("foo@example.com").success?
++ assert_equal "MAIL FROM:\r\n", sock.write_io.string
++ end
++
++ def test_rcptto
++ sock = FakeSocket.new
++ smtp = Net::SMTP.new 'localhost', 25
++ smtp.instance_variable_set :@socket, sock
++ assert smtp.rcptto("foo@example.com").success?
++ assert_equal "RCPT TO:\r\n", sock.write_io.string
++ end
++
++ def test_auth_plain
++ sock = FakeSocket.new
++ smtp = Net::SMTP.new 'localhost', 25
++ smtp.instance_variable_set :@socket, sock
++ assert smtp.auth_plain("foo", "bar").success?
++ assert_equal "AUTH PLAIN AGZvbwBiYXI=\r\n", sock.write_io.string
++ end
++
++ def test_crlf_injection
++ smtp = Net::SMTP.new 'localhost', 25
++ smtp.instance_variable_set :@socket, FakeSocket.new
++
++ assert_raise(ArgumentError) do
++ smtp.mailfrom("foo\r\nbar")
++ end
++
++ assert_raise(ArgumentError) do
++ smtp.mailfrom("foo\rbar")
++ end
++
++ assert_raise(ArgumentError) do
++ smtp.mailfrom("foo\nbar")
++ end
++
++ assert_raise(ArgumentError) do
++ smtp.rcptto("foo\r\nbar")
++ end
++ end
+ end
+ end
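Review bot: The expected strings in test_mailfrom and test_rcptto, `assert_equal "MAIL FROM:\r\n", sock.write_io.string` and `assert_equal "RCPT TO:\r\n", sock.write_io.string`, contain no address even though the calls under test pass "foo@example.com", so as written these two assertions cannot match what mailfrom/rcptto send; the angle-bracketed address was most likely stripped as markup when this patch was rendered (test_auth_plain, which has no brackets, is intact), so the committed patch file should be checked against the upstream test before it ships. validate_line is the right shape for the fix: it rejects bare CR, bare LF and CRLF before writeline is reached, and because it sits in both getok and get_response every command line built from caller-supplied data passes through it, which test_crlf_injection exercises for both mailfrom and rcptto. The inner hunk at @@ -926 ends before getok's body does, so the remainder of getok is not visible here.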
diff --git a/ruby.spec b/ruby.spec
index 0dbc45e..f9e9fb7 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -21,7 +21,7 @@
 %endif
-%global release 62
+%global release 63
 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
 # The RubyGems library has to stay out of Ruby directory three, since the
@@ -126,6 +126,11 @@ Patch7: ruby-2.2.3-Generate-preludes-using-miniruby.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1381527
 # https://github.com/ruby/ruby/commit/739782e37a6662fea379e7ef3ec89e851b04b46c
 Patch10: ruby-2.3.4-remove-the-encryption-key-initialization.patch
+# Fix SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM
+# commands in Net::SMTP (CVE-2015-9096).
+# https://bugzilla.redhat.com/show_bug.cgi?id=1461848
+# https://github.com/ruby/ruby/pull/1647
+Patch11: ruby-2.4.0-SMTP-injection-fix.patch
 # Do not freeze strings in generated .gemspec. This causes regressions
 # and FTBFS in Fedora packages. This is revert of:
 # https://github.com/rubygems/rubygems/commit/8eda3272d28010c768a05620de776e5a8195c1ae
@@ -479,6 +484,7 @@ rm -rf ext/fiddle/libffi*
 %patch6 -p1
 %patch7 -p1
 %patch10 -p1
+%patch11 -p1
 %patch100 -p1
 # Provide an example of usage of the tapset:
@@ -969,6 +975,10 @@ make check TESTS="-v $DISABLE_TESTS"
 %{ruby_libdir}/tkextlib
 %changelog
+* Tue Aug 08 2017 Vít Ondruch - 2.3.3-63
+- Fix SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM
+ commands in Net::SMTP (rhbz#1461848).
+
 * Thu Jul 27 2017 Vít Ondruch - 2.3.3-62
 - Fix IV Reuse in GCM Mode (rhbz#1381527).
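Review bot: `%patch11 -p1` applies a backport whose ChangeLog hunk is anchored on the `Wed Jul 5 15:55:35 2017 NAKAMURA Usaku` entry from the encryption-key fix; whether that entry exists in the unpacked 2.3.3 tree after `%patch10 -p1` is not visible here, and if it does not, that hunk will reject and the build fails in %prep. If Patch10 does not carry the corresponding ChangeLog change, dropping the ChangeLog section from ruby-2.4.0-SMTP-injection-fix.patch removes the dependency, since the lib/net/smtp.rb and test hunks are the actual fix. The Patch11 comment block and the %changelog entry are otherwise consistent with the patch they describe.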