RSA: Fix another buffer overflow in PSS signature verification

Fix buffer overflow in RSA-PSS signature verification when the masking
operation results in an all-zero buffer. This could happen at any key size.
diff --git a/ChangeLog b/ChangeLog
index d2c5f6b..9b3dc5c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,8 @@
    * Fix buffer overflow in RSA-PSS verification when the hash is too
      large for the key size. Found by Seth Terashima, Qualcomm Product
      Security Initiative, Qualcomm Technologies Inc.
+   * Fix buffer overflow in RSA-PSS verification when the unmasked
+     data is all zeros.
 
 = mbed TLS 1.3.21 branch released 2017-08-10