diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index 231dac0..3d97fcc 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -1,6 +1,19 @@
-diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.33/src/matchpathcon.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/avc_internal.c libselinux-2.0.34/src/avc_internal.c
+--- nsalibselinux/src/avc_internal.c	2007-07-16 14:20:46.000000000 -0400
++++ libselinux-2.0.34/src/avc_internal.c	2007-09-24 11:37:47.000000000 -0400
+@@ -61,7 +61,8 @@
+ 		rc = fd;
+ 		goto out;
+ 	}
+-
++	
++	fcntl(fd, F_SETFD, FD_CLOEXEC);
+ 	if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
+ 		close(fd);
+ 		rc = -1;
+diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.34/src/matchpathcon.c
 --- nsalibselinux/src/matchpathcon.c	2007-09-18 16:27:25.000000000 -0400
-+++ libselinux-2.0.33/src/matchpathcon.c	2007-09-18 15:45:42.000000000 -0400
++++ libselinux-2.0.34/src/matchpathcon.c	2007-09-18 16:32:31.000000000 -0400
 @@ -2,6 +2,7 @@
  #include <string.h>
  #include <errno.h>
@@ -18,9 +31,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux
  	va_end(ap);
  }
  
-diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.33/utils/matchpathcon.c
+diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.34/utils/matchpathcon.c
 --- nsalibselinux/utils/matchpathcon.c	2007-07-16 14:20:45.000000000 -0400
-+++ libselinux-2.0.33/utils/matchpathcon.c	2007-09-18 15:50:31.000000000 -0400
++++ libselinux-2.0.34/utils/matchpathcon.c	2007-09-18 16:32:31.000000000 -0400
 @@ -17,10 +17,24 @@
  	exit(1);
  }
diff --git a/libselinux.spec b/libselinux.spec
index f52a584..b35801e 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -2,7 +2,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.0.34
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: Public domain (uncopyrighted)
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz
@@ -124,6 +124,9 @@ exit 0
 
 %changelog
 
+* Mon Sep 24 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.34-2
+- Remove leaked file descriptor
+
 * Tue Sep 18 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.34-1
 - Upgrade to latest from NSA
 	* Fix selabel option flag setting for 64-bit from Stephen Smalley.