diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 35f9597..e3e51f3 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -29,7 +29,7 @@ env:
 jobs:
   build-dev-environment:
     name: "Build dev-env (${{ matrix.distro }}-${{ matrix.version }})"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     strategy:
       matrix:
         include:
diff --git a/.github/workflows/check_pr.yml b/.github/workflows/check_pr.yml
index 0ced5ea..3d23c36 100644
--- a/.github/workflows/check_pr.yml
+++ b/.github/workflows/check_pr.yml
@@ -4,7 +4,7 @@ on:
 
 jobs:
   prevent-fixup-commits:
-      runs-on: ubuntu-latest
+      runs-on: ubuntu-24.04
       env:
         target: debian-bookworm
         distro: debian
@@ -19,7 +19,7 @@ jobs:
             git log --pretty=format:%s origin/main..HEAD | grep -ie '^fixup\|^wip' && exit 1 || true
 
   check-changelog:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -32,4 +32,4 @@ jobs:
         run: |
           if git diff --exit-code "origin/${BASE_REF}" -- CHANGELOG.md; then
               echo "::warning::No CHANGELOG.md modifications were found in this pull request."
-          fi
\ No newline at end of file
+          fi
diff --git a/.github/workflows/check_repos.yml b/.github/workflows/check_repos.yml
index ee0489f..ad6e723 100644
--- a/.github/workflows/check_repos.yml
+++ b/.github/workflows/check_repos.yml
@@ -14,7 +14,7 @@ on:
 jobs:
   install-from-apt-repo:
     name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     container: ${{ matrix.distro }}:${{ matrix.version }}
     strategy:
       matrix:
@@ -75,7 +75,7 @@ jobs:
 
   install-from-yum-repo:
     name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     container: ${{ matrix.distro }}:${{ matrix.version }}
     strategy:
       matrix:
diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml
index cf503fd..2ca83f2 100644
--- a/.github/workflows/close-issues.yml
+++ b/.github/workflows/close-issues.yml
@@ -5,7 +5,7 @@ on:
 
 jobs:
   close-issues:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     permissions:
       issues: write
     steps:
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index c4bd6a3..f3f988f 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -10,7 +10,7 @@ on:
 
 jobs:
   security-scan-container:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -54,7 +54,7 @@ jobs:
           severity-cutoff: critical
 
   security-scan-app:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/.github/workflows/scan_released.yml b/.github/workflows/scan_released.yml
index 3688e61..5c373d9 100644
--- a/.github/workflows/scan_released.yml
+++ b/.github/workflows/scan_released.yml
@@ -9,7 +9,7 @@ jobs:
     strategy:
       matrix:
         include:
-          - runs-on: ubuntu-latest
+          - runs-on: ubuntu-24.04
             arch: i686
           # Do not scan Silicon mac for now to avoid masking release scan results for other plaforms.
           # - runs-on: macos-latest
@@ -55,7 +55,7 @@ jobs:
           severity-cutoff: critical
 
   security-scan-app:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout
         uses: actions/checkout@v4