diff --git a/.github/workflows/add-artifacts-to-release.yml b/.github/workflows/add-artifacts-to-release.yml
index b33142a137..d9b690d549 100644
--- a/.github/workflows/add-artifacts-to-release.yml
+++ b/.github/workflows/add-artifacts-to-release.yml
@@ -29,11 +29,11 @@ jobs:
     strategy:
       matrix:
         include:
-          - os: macos-latest
+          - os: macos-14
             target: x86_64-apple-darwin
             artifact: 'libcorerust.dylib'
             zipname: 'arch-darwin-x86_64'
-          - os: macos-latest
+          - os: macos-14
             target: aarch64-apple-darwin
             artifact: 'libcorerust.dylib'
             zipname: 'arch-darwin-aarch64'
@@ -47,11 +47,11 @@ jobs:
             target: aarch64-unknown-linux-gnu
             zipname: 'arch-linux-aarch64'
             artifact: 'libcorerust.so'
-          - os: windows-latest
+          - os: windows-2022
             target: x86_64-pc-windows-msvc
             artifact: 'corerust.dll'
             zipname: 'arch-windows-x86_64-msvc'
-          - os: windows-latest
+          - os: windows-2022
             target: x86_64-pc-windows-gnu
             artifact: 'corerust.dll'
             zipname: 'arch-windows-x86_64-gnu'
diff --git a/Dockerfile b/Dockerfile
index f87e423822..ad56e523ba 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -49,14 +49,14 @@ ENV VERSION_LAST_TAG=$VERSION_LAST_TAG
 # - https://packages.debian.org/bookworm/openjdk-17-jdk
 RUN apt-get update \
   && apt-get install -y --no-install-recommends \
-    docker.io=20.10.24+dfsg1-1+deb12u1+b2 \
-    libssl-dev=3.0.17-1~deb12u3 \
+    docker.io=20.10.24+dfsg1-1+deb12u1+b3 \
+    libssl-dev=3.0.18-1~deb12u2 \
     pkg-config=1.8.1-1 \
     unzip=6.0-28 \
     wget=${WGET_VERSION} \
     software-properties-common=0.99.30-4.1~deb12u1 \
   && apt-get install -y --no-install-recommends \
-    openjdk-17-jdk=17.0.17+10-1~deb12u1 \
+    openjdk-17-jdk=17.0.18+8-1~deb12u1 \
   && apt-get clean \
   && rm -rf /var/lib/apt/lists/*
 
@@ -131,7 +131,7 @@ RUN apt-get update \
     g++-x86-64-linux-gnu \
     libc6-dev-arm64-cross=2.36-8cross1 \
     libclang-dev=1:14.0-55.7~deb12u1 \
-    libssl-dev=3.0.17-1~deb12u3 \
+    libssl-dev=3.0.18-1~deb12u2 \
     pkg-config=1.8.1-1 \
   && rm -rf /var/lib/apt/lists/*
 
@@ -259,7 +259,7 @@ LABEL org.opencontainers.image.authors="devops@radixdlt.com"
 # - https://packages.debian.org/bookworm/libc6
 RUN apt-get update -y \
   && apt-get -y --no-install-recommends install \
-    openjdk-17-jre-headless=17.0.17+10-1~deb12u1 \
+    openjdk-17-jre-headless=17.0.18+8-1~deb12u1 \
     # https://security-tracker.debian.org/tracker/CVE-2023-38545
     curl=7.88.1-10+deb12u14 \
     gettext-base=0.21-12 \
@@ -268,7 +268,7 @@ RUN apt-get update -y \
     # Fixes CVE-2023-4911 can be removed when we update the base OS image to include this fix
     # docker run -it debian:12.1-slim ldd --version
     # This fix can be removed as long as the version printed in the above command is 2.36-9+deb12u3 or above
-    libc6=2.36-9+deb12u7 \
+    libc6=2.36-9+deb12u13 \
   && apt-get clean \
   && rm -rf /var/lib/apt/lists/*