There is a new pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages gitea
https://github.com/void-linux/void-packages/pull/26491

gitea: update to 1.12.6
Fixes CVE-2020-14144

A patch file from https://github.com/void-linux/void-packages/pull/26491.patch is attached