diff --git a/ChangeLog b/ChangeLog
index 6f7637dc1..4a2e710b2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,8 @@ Bugfix
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
      Found by projectgus and jethrogb, #836.
    * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.
+   * Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were
+     accepted. Generating these signatures required the private key.
 
 = mbed TLS 2.6.0 branch released 2017-08-10
 
diff --git a/library/rsa.c b/library/rsa.c
index b54960fb7..148f6b345 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1399,8 +1399,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
     while( p < hash_start - 1 && *p == 0 )
         p++;
 
-    if( p == hash_start ||
-        *p++ != 0x01 )
+    if( *p++ != 0x01 )
     {
         mbedtls_md_free( &md_ctx );
         return( MBEDTLS_ERR_RSA_INVALID_PADDING );
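Review bot: The safety of the new `if( *p++ != 0x01 )` now rests entirely on the loop bound `p < hash_start - 1` two lines above: that bound is the only thing keeping the `*p++` read inside the DB region and, presumably, keeping the salt length derived from `hash_start - p` later in the function from going negative, whereas the dropped `p == hash_start` test was an independent guard. The coupling is invisible at the check itself, so it deserves a comment on the loop, e.g. `/* Skip PS zero bytes; stopping at hash_start - 1 keeps *p in bounds and guarantees hash_start - p >= 0 after the 0x01 check */`, so that a future change to the loop bound does not silently reintroduce an out-of-bounds read or an accepted malformed padding. Since the changelog ties this to 8N+1-bit keys, regression vectors for such a key whose DB contains no 0x01 separator (must be rejected) and one whose 0x01 is the last DB byte (salt length 0) would pin the corrected behaviour. mbedtls_rsa_rsassa_pss_verify_ext begins before and continues after this hunk.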