diff --git a/ChangeLog.d/8824.txt b/ChangeLog.d/8824.txt
new file mode 100644
index 000000000..fb34c0161
--- /dev/null
+++ b/ChangeLog.d/8824.txt
@@ -0,0 +1,6 @@
+Bugfix
+   * Fix mbedtls_pk_sign(), mbedtls_pk_verify(), mbedtls_pk_decrypt() or
+     mbedtls_pk_encrypt() on non-opaque RSA keys to honor the padding mode in
+     the RSA context. Before they always used PKCS#1 v1.5 even when the RSA
+     context was configured for PKCS#1 v2.1 (PSS/OAEP). Fixes #8824.
+