diff --git a/CHANGES b/CHANGES
index d79ce0138ec9929d670d92a51d044dd0162de732..e5b46ec688112554b642656b937dec3c51736087 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,16 @@
 
                                   Changelog
 
+Daniel Stenberg (29 Dec 2008)
+ - Phil Lisiecki filed bug report #2413067
+  (http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that
+  would cause libcurl to mark a DNS cache entry "in use" eternally if the
+  subsequence TCP connect failed. It would thus never get pruned and refreshed
+  as it should've been.
+
+  Phil provided his own patch to this problem that while it seemed to work
+  wasn't complete and thus I wrote my own fix to the problem.
+
 Daniel Stenberg (28 Dec 2008)
 - Peter Korsgaard fixed building libcurl with "configure --with-ssl
   --disable-verbose".
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 3c923c4069260e1f59b2444aa4f540e75505a40a..220427ebb64d750db47f1096c9977758d54666e3 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -39,6 +39,7 @@ This release includes the following bugfixes:
  o the multi_socket API and HTTP pipelining now work a lot better when combined
  o SFTP seek/resume beyond 32bit file sizes
  o fixed breakage with --with-ssl --disable-verbose
+ o TTL "leak" in the DNS cache
 
 This release includes the following known bugs:
 
@@ -50,6 +51,6 @@ advice from friends like these:
  Yang Tse, Daniel Fandrich, Jim Meyering, Christian Krause, Andreas Wurf,
  Markus Koetter, Josef Wolf, Vlad Grachov, Pawel Kierski, Igor Novoseltsev,
  Fred Machado, Ken Hirsch, Keshav Krity, Patrick Monnerat, Mark Karpeles,
- Anthony Bryan, Peter Korsgaard
+ Anthony Bryan, Peter Korsgaard, Phil Lisiecki
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/TODO-RELEASE b/TODO-RELEASE
index a75b0310fb0083a3d859965351dd8a08027d2bfd..2df722099adbbac504bb9180be10c109d777a446 100644
--- a/TODO-RELEASE
+++ b/TODO-RELEASE
@@ -1,6 +1,4 @@
 To be addressed in 7.19.3 (planned release: January 2009)
 =========================
 
-203 - "dns cache memory leak and TTL failure after failed conn" bug #2413067
 
-204 - 
diff --git a/lib/url.c b/lib/url.c
index 4826192efd51be5d84a8fdfef76fef08f90c110a..24d143420a44c771959087e3b4658c763f5e2803 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4523,22 +4523,28 @@ CURLcode Curl_connect(struct SessionHandle *data,
 
   if(CURLE_OK == code) {
     /* no error */
-    if((*in_connect)->send_pipe->size +
-       (*in_connect)->recv_pipe->size != 0)
+    if((*in_connect)->send_pipe->size || (*in_connect)->recv_pipe->size)
       /* pipelining */
       *protocol_done = TRUE;
     else {
+
       if(dns || !*asyncp)
         /* If an address is available it means that we already have the name
            resolved, OR it isn't async. if this is a re-used connection 'dns'
            will be NULL here. Continue connecting from here */
         code = setup_conn(*in_connect, dns, protocol_done);
-      /* else
-         response will be received and treated async wise */
+
+      if(dns && code) {
+        /* We have the dns entry info already but failed to connect to the
+         * host and thus we must make sure to unlock the dns entry again
+         * before returning failure from here.
+         */
+        Curl_resolv_unlock(data, dns);
+      }
     }
   }
 
-  if(CURLE_OK != code && *in_connect) {
+  if(code && *in_connect) {
     /* We're not allowed to return failure with memory left allocated
        in the connectdata struct, free those here */
     Curl_disconnect(*in_connect); /* close the connection */