diff --git a/.github/workflows/pkg-rust.yml b/.github/workflows/pkg-rust.yml
index 0d9e3b4..fede686 100644
--- a/.github/workflows/pkg-rust.yml
+++ b/.github/workflows/pkg-rust.yml
@@ -326,7 +326,7 @@ jobs:
       package_test_rules: ${{ steps.pre_process_rules.outputs.package_test_rules }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # TODO: extract common code into helper functions
       - name: Pre-process rules
@@ -588,7 +588,7 @@ jobs:
 
       - name: Verify Docker credentials
         if: ${{ steps.pre_process_rules.outputs.docker_build_rules != '{}' && fromJSON(steps.verify_inputs.outputs.has_docker_secrets) == true }}
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_HUB_ID }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
@@ -641,7 +641,7 @@ jobs:
       # tag.
       - name: Apply rules to Git metadata to generate potential Docker tags
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: ${{ inputs.docker_repo }}
           flavor: |
@@ -700,7 +700,7 @@ jobs:
 
     - name: Checkout repository
       if: ${{ steps.skip.skip != 'true' }}
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Install Rust the hard way rather than using a GH Action because the action doesn't work inside a Docker container.
     # Cargo cross "requires a rustup installation of Rust", an O/S package provided Rust won't
@@ -799,7 +799,7 @@ jobs:
       TOML_CLI_VER: 0.2.3
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v3 # v4 doesn't work on containers with older GLIBC such as ubuntu:bionic or centos:7
 
     - name: Print matrix
       # Disable default use of bash -x for easier to read output in the log
@@ -926,6 +926,7 @@ jobs:
             ;;
           centos|rockylinux)
             #sed -i -e 's/enabled=1/enabled=0/' /etc/yum/pluginconf.d/fastestmirror.conf || true
+            yum update -y # See: https://github.com/NLnetLabs/ploutos/issues/90
             yum install epel-release -y
             yum install -y findutils gcc jq ${{ inputs.rpm_extra_build_packages }}
 
@@ -1594,7 +1595,7 @@ jobs:
     steps:
     # Fetch the test scripts that we will run
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v3 # v4 doesn't work on containers with older GLIBC such as ubuntu:bionic or centos:7
 
     - name: Print matrix
       # Disable default use of bash -x for easier to read output in the log
@@ -1941,7 +1942,7 @@ jobs:
       matrix: ${{ fromJSON(needs.prepare.outputs.docker_build_rules) }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Print matrix
         # Disable default use of bash -x for easier to read output in the log
@@ -1989,7 +1990,7 @@ jobs:
         with:
           platforms: ${{ matrix.platform }}
 
-      - uses: docker/setup-buildx-action@v2
+      - uses: docker/setup-buildx-action@v3
         with:
           version: v0.9.1 # See: https://github.com/docker/build-push-action/issues/755
 
@@ -2030,7 +2031,7 @@ jobs:
       # combined multi-arch image that lacks the architecture specific tag value extension and that will ONLY be
       # pushed if all architecture specific images build and (where supported) passt he sanity check below.
       - name: Build Docker image ${{ steps.gen.outputs.image_name }}
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: ${{ inputs.docker_context_path }}
           file: ${{ inputs.docker_file_path }}
@@ -2054,7 +2055,7 @@ jobs:
 
       - name: Log into Docker Hub
         if: ${{ fromJSON(needs.prepare.outputs.has_docker_secrets) == true }}
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_HUB_ID }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
@@ -2069,7 +2070,7 @@ jobs:
       - name: Publish image to Docker Hub
         id: publish
         if: ${{ fromJSON(needs.prepare.outputs.has_docker_secrets) == true && (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') }}
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: ${{ inputs.docker_context_path }}
           file: ${{ inputs.docker_file_path }}
@@ -2097,7 +2098,7 @@ jobs:
     runs-on: ${{ inputs.runs_on }}
     steps:
       - name: Log into Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_HUB_ID }}
           password: ${{ secrets.DOCKER_HUB_TOKEN }}