diff --git a/kube/deploy/apps/nextcloud/app/hr.yaml b/kube/deploy/apps/nextcloud/app/hr.yaml
index b58ec93cc1..2f80e00533 100644
--- a/kube/deploy/apps/nextcloud/app/hr.yaml
+++ b/kube/deploy/apps/nextcloud/app/hr.yaml
@@ -94,7 +94,7 @@ spec:
           redis:
             image:
               repository: "public.ecr.aws/docker/library/redis"
-              tag: "7.2.4-bookworm@sha256:3e2b0d0d7a7d0340aabc9af452b7eaf5a3d5869bc803a4c5a8a92fa78a30f156"
+              tag: "7.2.4-bookworm@sha256:3134997edb04277814aa51a4175a588d45eb4299272f8eff2307bbf8b39e4d43"
             command: ["redis-server", "--port", "0", "--bind", "127.0.0.1", "--unixsocket", "/sockets/redis.sock", "--unixsocketperm", "700"]
             securityContext: *sc
             resources:
diff --git a/kube/deploy/apps/paperless-ngx/app/hr.yaml b/kube/deploy/apps/paperless-ngx/app/hr.yaml
index 4a8b556345..2348f27012 100644
--- a/kube/deploy/apps/paperless-ngx/app/hr.yaml
+++ b/kube/deploy/apps/paperless-ngx/app/hr.yaml
@@ -100,7 +100,7 @@ spec:
           redis:
             image:
               repository: "public.ecr.aws/docker/library/redis"
-              tag: "7.2.4-bookworm@sha256:3e2b0d0d7a7d0340aabc9af452b7eaf5a3d5869bc803a4c5a8a92fa78a30f156"
+              tag: "7.2.4-bookworm@sha256:3134997edb04277814aa51a4175a588d45eb4299272f8eff2307bbf8b39e4d43"
             command: ["redis-server", "--save", "''", "--appendonly", "no", "--port", "0", "--bind", "127.0.0.1", "--unixsocket", "/sockets/redis.sock", "--unixsocketperm", "700"] # save and appendonly options forcibly disable RDB and AOF persistence entirely
             securityContext: *sc
             resources:
diff --git a/kube/deploy/apps/yagpdb/app/hr.yaml b/kube/deploy/apps/yagpdb/app/hr.yaml
index ddd4bf7b98..227ee533f3 100644
--- a/kube/deploy/apps/yagpdb/app/hr.yaml
+++ b/kube/deploy/apps/yagpdb/app/hr.yaml
@@ -71,7 +71,7 @@ spec:
           redis:
             image:
               repository: "public.ecr.aws/docker/library/redis"
-              tag: "7.2.4-bookworm@sha256:3e2b0d0d7a7d0340aabc9af452b7eaf5a3d5869bc803a4c5a8a92fa78a30f156"
+              tag: "7.2.4-bookworm@sha256:3134997edb04277814aa51a4175a588d45eb4299272f8eff2307bbf8b39e4d43"
             command: ["redis-server", "--save", "''", "--appendonly", "no", "--port", "6379", "--bind", "127.0.0.1"]
             securityContext: *sc
             resources: