There's a closed pull request on the void-packages repository

musl: backport wcsnrtombs fix.
https://github.com/void-linux/void-packages/pull/26516

Description:
Fix CVE-2020-28928.