util/flashrom_tester: Update sys-info crate to version 0.9

An issue was discovered in the sys-info crate before 0.8.0 for Rust.
sys_info::disk_info calls can trigger a double free. To prevent any
potential problems, update this crate to version 0.9 (as of writing,
sys-info version 0.9.1 is the latest).

Refer to CVE-2020-36434 for more details about the sys-info crate bug.

TEST=Run `cargo build` in `util/flashrom_tester`, it still works fine.

Change-Id: I3b6b21e830ff3107860f7bcbfe2d58b29efe0c12
Signed-off-by: Angel Pons <th3fanbus@gmail.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/63975
Reviewed-by: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Jack Rosenthal <jrosenth@chromium.org>
Reviewed-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

1 files changed, 1 insertions, 1 deletions

diff --git a/util/flashrom_tester/Cargo.toml b/util/flashrom_tester/Cargo.toml
index e7a582024..8956b9233 100644
--- a/util/flashrom_tester/Cargo.toml
+++ b/util/flashrom_tester/Cargo.toml
@@ -22,7 +22,7 @@ libc = "0.2"
 log = { version = "0.4", features = ["std"] }
 rand = "0.6.4"
 serde_json = "1"
-sys-info = "0.5.7"
+sys-info = "0.9"
 
 [build-dependencies]
 built = { version = "0.3", default-features = false, features = ["serialized_time", "serialized_version"] }