diff --git a/.github/workflows/binaries.yml b/.github/workflows/binaries.yml
index d913cf23d..322081529 100644
--- a/.github/workflows/binaries.yml
+++ b/.github/workflows/binaries.yml
@@ -73,7 +73,7 @@ jobs:
 
     - name: Build provenance for attestation (release only)
       if: github.event_name == 'release'
-      uses: actions/attest-build-provenance@v1
+      uses: actions/attest-build-provenance@v2
       with:
         subject-path: target/${{ matrix.sys.target }}/release/${{ matrix.crate.binary }}${{ matrix.sys.ext }}
 
@@ -142,7 +142,7 @@ jobs:
 
       - name: Build provenance for attestation (release only)
         if: github.event_name == 'release'
-        uses: actions/attest-build-provenance@v1
+        uses: actions/attest-build-provenance@v2
         with:
           subject-path: ${{ env.STELLAR_CLI_INSTALLER }}
 
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index f3c9b1920..3eee404f6 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -38,8 +38,8 @@ jobs:
         check: [advisories, bans, licenses, sources]
     continue-on-error: ${{ matrix.check == 'advisories' }}
     steps:
-    - uses: actions/checkout@v3
-    - uses: EmbarkStudios/cargo-deny-action@b01e7a8cfb1f496c52d77361e84c1840d8246393
+    - uses: actions/checkout@v4
+    - uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba
       with:
         command: check ${{ matrix.check }}