diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 800c3d18b7ce..be9b1ad223f7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -278,7 +278,7 @@ jobs:
           sarif_file: ${{ env.DESTDIR }}/govulncheck.out
 
   binaries:
-    uses: docker/github-builder/.github/workflows/bake.yml@7d2a02426d4b989616ba5aaee4e879afd4134b0d # v1.6.0
+    uses: docker/github-builder/.github/workflows/bake.yml@d4bb88e5e4420d56d283d658b6b5992c1dce04da # v1.7.0
     permissions:
       contents: read # same as global permission
       id-token: write # for signing attestation(s) with GitHub OIDC Token
@@ -359,7 +359,7 @@ jobs:
 
   bin-image:
     if: ${{ github.repository == 'docker/buildx' }}
-    uses: docker/github-builder/.github/workflows/bake.yml@7d2a02426d4b989616ba5aaee4e879afd4134b0d # v1.6.0
+    uses: docker/github-builder/.github/workflows/bake.yml@d4bb88e5e4420d56d283d658b6b5992c1dce04da # v1.7.0
     needs:
       - bin-image-prepare
       - test-integration