diff --git a/Cargo.lock b/Cargo.lock
index b359ca8a7..58a082bef 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -316,6 +316,6 @@ dependencies = [
 
 [[package]]
 name = "zeroize"
-version = "1.7.0"
+version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d"
+checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9"
diff --git a/sha3/CHANGELOG.md b/sha3/CHANGELOG.md
index 9992ac31e..ae1825922 100644
--- a/sha3/CHANGELOG.md
+++ b/sha3/CHANGELOG.md
@@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.10.9 (UNRELEASED)
+### Fixed
+- Non-compliant initialization of cSHAKE when serialized length of function name and
+  customization string is a multiple of the block size ([#836], backport of [#834])
+
+[#834]: https://github.com/RustCrypto/hashes/pull/834
+[#836]: https://github.com/RustCrypto/hashes/pull/836
+
 ## 0.10.8 (2023-04-08)
 ### Fixed
 - Performance regression: now uses `p1600` fn ([#472])
diff --git a/sha3/src/lib.rs b/sha3/src/lib.rs
index 0f87ee580..b79eb6efc 100644
--- a/sha3/src/lib.rs
+++ b/sha3/src/lib.rs
@@ -9,7 +9,7 @@
 //! * `SHAKE128`, an extendable output function (XOF)
 //! * `SHAKE256`, an extendable output function (XOF)
 //! * `Keccak224`, `Keccak256`, `Keccak384`, `Keccak512` (NIST submission
-//!    without padding changes)
+//!   without padding changes)
 //!
 //! Additionally supports `TurboSHAKE`.
 //!
@@ -72,7 +72,7 @@ use core::fmt;
 #[cfg(feature = "oid")]
 use digest::const_oid::{AssociatedOid, ObjectIdentifier};
 use digest::{
-    block_buffer::Eager,
+    block_buffer::{Eager, LazyBuffer},
     consts::{U104, U136, U144, U168, U200, U28, U32, U48, U64, U72},
     core_api::{
         AlgorithmName, Block, BlockSizeUser, Buffer, BufferKindUser, CoreWrapper,
diff --git a/sha3/src/macros.rs b/sha3/src/macros.rs
index f26291305..8b4846ebd 100644
--- a/sha3/src/macros.rs
+++ b/sha3/src/macros.rs
@@ -394,7 +394,7 @@ macro_rules! impl_cshake {
                     };
                 }
 
-                let mut buffer = Buffer::<Self>::default();
+                let mut buffer = LazyBuffer::<$rate>::default();
                 let mut b = [0u8; 9];
                 buffer.digest_blocks(left_encode($rate::to_u64(), &mut b), |blocks| {
                     for block in blocks {