Fix bug with mpi_fill_random() on big-endian

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 2f5be94..5598467 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,6 +25,8 @@
      ServerHello when no extensions are present (found by Matthew Page)
    * rsa_check_pubkey() now allows an E up to N
    * On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
+   * mpi_fill_random() was creating numbers larger than requested on
+     big-endian platform when size was not an integer number of limbs
 
 = PolarSSL 1.3.6 released on 2014-04-11