Fix merge of Changelog 128bit CTR_DRBG entry

The entry describing support for 128-bit keys in CTR_DRBG was merged into the
wrong version.
diff --git a/ChangeLog b/ChangeLog
index 7aa8775..fee12dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -48,6 +48,8 @@
      may be up to two bytes shorter. This allows the library to support all
      hash and signature sizes that comply with FIPS 186-4, including SHA-512
      with a 1024-bit key.
+   * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter
+     than 256 bits limits the security of generated material to 128 bits.
 
 API Changes
    * Add a common error code of `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` for
@@ -252,8 +254,6 @@
      independently contributed again by Paul Sokolovsky.
    * Add support for key wrapping modes based on AES as defined by
      NIST SP 800-38F algorithms KW and KWP and by RFC 3394 and RFC 5649.
-   * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter
-     than 256 bits limits the security of generated material to 128 bits.
 
 Bugfix
    * Fix the key_app_writer example which was writing a leading zero byte which