DHM: Fix dhm_check_range() always returning 0

Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenewer the bignum computation was successfull and stayed 0
independently of the actual check.
diff --git a/ChangeLog b/ChangeLog
index 8f7843d..24bcde5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,10 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS 2.1.x released xxxx-xx-xx
+= mbed TLS 2.1.x branch released xxxx-xx-xx
+
+Security
+   * Fix dhm_check_range() failing to detect trivial subgroups and potentially
+     leaking 1 bit of the private key. Reported by prashantkspatil.
 
 Bugfix
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records