in /usr/sharerhn/up2date.py CheckRpmMd5() and hasBadSignature() in the true "if" case you need a: os.close(saveStdout); os.close(saveStderr); on about line 955 and also line 1531 also the false case you do not close "lines". This stuffs up a large package list download if it is interrupted when up2date tries to verify the sig of the saved rpms.
seems reasonable, if not essential.
This has been added in the most recent clients. The up2date errata for up2date-2.5.4 includes this fix.