dtls13: preserve app data after same-datagram KeyUpdate

[zRedShift]

Draft stacked on #121. Once #121 lands, this PR should be rebased onto main and its diff should collapse to the single DIMP-015 commit.

What

This preserves DTLS 1.3 application data that arrives in the same UDP datagram after a KeyUpdate request. The parser now defers post-KeyUpdate tails and replays them after installing the next read keys, while keeping malformed or over-capacity tails from committing replay-window state.

Why

Without this, a peer can send KeyUpdate followed by app data in the next epoch in one datagram, and dimpl discards or mishandles the tail instead of processing it under the updated keys.

Notes

• Stacked on dtls: defer replay commits until datagram parse succeeds #121 because the malformed/deferred-tail regressions rely on replay-window transactionality from that PR.
• Adds DTLS 1.3 regression coverage for same-datagram KeyUpdate followed by app data, including malformed and capacity-boundary tails.
• Adds a CHANGELOG row with guessed PR number dtls13: preserve app data after same-datagram KeyUpdate #122.

Validation

• git diff --check 1b56b2f..HEAD
• cargo fmt --check
• cargo test --test dtls13 key_update --features rcgen
• cargo test --all-targets --features rcgen
• cargo clippy --all-targets --features rcgen -- -D warnings