There's a merged pull request on the void-packages repository

Firefox esr update 68.4.1 for CVE
https://github.com/void-linux/void-packages/pull/18140

Description:
https://www.mozilla.org/en-US/firefox/68.4.1/releasenotes/