diff --git a/CHANGES b/CHANGES
index 0694b033ecca32a3bedb7b21101d4091099482ca..e51fd8ac0e19eb2b977d48e788d2aaa57e5160ab 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,9 @@
 
                                   Changelog
 
+Daniel Stenberg (15 Jan 2009)
+- Tim Ansell fixed a compiler warning in lib/cookie.c
+
 Daniel Stenberg (14 Jan 2009)
 - Grant Erickson fixed timeouts for TFTP such that specifying a
   connect-timeout, a max-time or both options work correctly and as expected
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 2a1b48e2aa9d17c20150ba8e2f92c0d86dff84b0..7d3d7768801eb1d4ec5833708fc7ec62af3c27c3 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -61,6 +61,6 @@ advice from friends like these:
  Fred Machado, Ken Hirsch, Keshav Krity, Patrick Monnerat, Mark Karpeles,
  Anthony Bryan, Peter Korsgaard, Phil Lisiecki, Bas Mevissen, Rob Crittenden,
  Emil Romanus, Karl Moerder, Daniel Black, Stefan Teleman, Michael Wallner,
- Grant Erickson
+ Grant Erickson, Tim Ansell
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/cookie.c b/lib/cookie.c
index 4f768f2db1179825154a80db4e39e51aef8a34b5..bc2f09b22efaeb89d8f6f1b3b5e07ceaecd90917 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -439,7 +439,7 @@ Curl_cookie_add(struct SessionHandle *data,
        reading the odd netscape cookies-file format here */
     char *ptr;
     char *firstptr;
-    char *tok_buf;
+    char *tok_buf=NULL;
     int fields;
 
     /* IE introduced HTTP-only cookies to prevent XSS attacks. Cookies
@@ -454,7 +454,6 @@ Curl_cookie_add(struct SessionHandle *data,
       co->httponly = TRUE;
     }
 
-
     if(lineptr[0]=='#') {
       /* don't even try the comments */
       free(co);