diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5ece831032f2..ddfd0c2e58c3 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -278,7 +278,7 @@ jobs:
           sarif_file: ${{ env.DESTDIR }}/govulncheck.out
 
   binaries:
-    uses: docker/github-builder/.github/workflows/bake.yml@c2782c55efa56a01b9c30021db8f5ec3993228a3 # v1.8.0
+    uses: docker/github-builder/.github/workflows/bake.yml@073833262a23a17675c95c4541ab063b7646756b # v1.9.0
     permissions:
       contents: read # same as global permission
       id-token: write # for signing attestation(s) with GitHub OIDC Token
@@ -359,7 +359,7 @@ jobs:
 
   bin-image:
     if: ${{ github.repository == 'docker/buildx' }}
-    uses: docker/github-builder/.github/workflows/bake.yml@c2782c55efa56a01b9c30021db8f5ec3993228a3 # v1.8.0
+    uses: docker/github-builder/.github/workflows/bake.yml@073833262a23a17675c95c4541ab063b7646756b # v1.9.0
     needs:
       - bin-image-prepare
       - test-integration