opentofu-1.9/1.9.1-r1: cve remediation (#57875)

opentofu-1.9/1.9.1-r1: fix GHSA-fv92-fjc5-jj9h

Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/opentofu-1.9.advisories.yaml

---

### "Breadcrumbs" for this automated service

- **Source Code:** https://go/cve-remedy-automation-source
- **Logs:** https://go/cve-remedy-automation-logs
- **Docs:** _(not provided yet)_

Co-authored-by: octo-sts[bot] <[email protected]>

Author: octo-sts[bot]

opentofu-1.9.yaml

@@ -1,7 +1,7 @@
 package:
   name: opentofu-1.9
   version: "1.9.1"
-  epoch: 1
+  epoch: 2
   copyright:
     - license: MPL-2.0
   dependencies:
@@ -23,6 +23,7 @@ pipeline:
     with:
       deps: |-
         github.com/cloudflare/[email protected]
+        github.com/go-viper/mapstructure/[email protected]
 
   - uses: go/bump
     with: