There's a closed pull request on the void-packages repository

python3-rsa: update to 4.6
https://github.com/void-linux/void-packages/pull/25953

Description:
Resolves CVE-2020-13757 and drops Python 2.7 support, which is no big deal, since the only two packages (`python3-google-auth` and `python3-Telethon`) to depend on it both run on Python 3.