diff --git a/dhcp-4.0.0-close-leaseFile.patch b/dhcp-4.0.0-close-leaseFile.patch
new file mode 100644
index 0000000..6392680
--- /dev/null
+++ b/dhcp-4.0.0-close-leaseFile.patch
@@ -0,0 +1,36 @@
+diff -up dhcp-4.0.0/client/dhclient.c.leak dhcp-4.0.0/client/dhclient.c
+--- dhcp-4.0.0/client/dhclient.c.leak	2008-02-05 17:55:57.000000000 -1000
++++ dhcp-4.0.0/client/dhclient.c	2008-02-05 18:01:54.000000000 -1000
+@@ -2948,6 +2948,7 @@ void rewrite_client_leases ()
+ 		}
+ 	}
+ 	fflush (leaseFile);
++	fclose (leaseFile);
+ }
+ 
+ void write_lease_option (struct option_cache *oc,
+@@ -3030,6 +3031,7 @@ write_duid(struct data_string *duid)
+ 	if (fflush(leaseFile) != 0)
+ 		return ISC_R_IOERROR;
+ 
++	fclose(leaseFile);
+ 	return ISC_R_SUCCESS;
+ }
+ 
+@@ -3129,6 +3131,7 @@ write_client6_lease(struct client_state 
+ 		}
+ 	}
+ 
++	fclose(leaseFile);
+ 	return ISC_R_SUCCESS;
+ }
+ 
+@@ -3264,6 +3267,8 @@ int write_client_lease (client, lease, r
+ 			return 0;
+ 		}
+ 	}
++
++	fclose(leaseFile);
+ 	return errors ? 0 : 1;
+ }
+ 
diff --git a/dhcp.spec b/dhcp.spec
index bf3bda9..e8a9311 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -4,7 +4,7 @@
 Summary:  DHCP (Dynamic Host Configuration Protocol) server and relay agent
 Name:     dhcp
 Version:  4.0.0
-Release:  6%{?dist}
+Release:  7%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -43,6 +43,7 @@ Patch13:  %{name}-4.0.0-dhclient-anycast.patch
 Patch14:  %{name}-4.0.0-manpages.patch
 Patch15:  %{name}-4.0.0-paths.patch
 Patch16:  %{name}-4.0.0-libdhcp4client.patch
+Patch17:  %{name}-4.0.0-close-leaseFile.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: autoconf
@@ -189,6 +190,9 @@ client library.
 # Add the libdhcp4client target (library version of dhclient)
 %patch16 -p1
 
+# Close _PATH_DHCLIENT_DB so we don't leak file descriptors
+%patch17 -p1
+
 # Copy in documentation and example scripts for LDAP patch to dhcpd
 %{__install} -p -m 0644 %{SOURCE5} .
 %{__install} -p -m 0644 %{SOURCE6} doc/
@@ -401,6 +405,9 @@ fi
 %{_libdir}/libdhcp4client.so
 
 %changelog
+* Tue Feb 05 2008 David Cantrell <dcantrell@redhat.com> - 12:4.0.0-7
+- Don't leak /var/lib/dhclient/dhclient.leases file descriptors (#429890)
+
 * Tue Jan 22 2008 David Cantrell <dcantrell@redhat.com> - 12:4.0.0-6
 - read_function() comes from the LDAP patch, so fix it there
 - Init new struct universe structs in libdhcp4client so we don't crash on