diff --git a/Dockerfile b/Dockerfile
index b176991..254d8b1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,8 @@
 # syntax=docker/dockerfile:1.7-labs
 ### STAGE 0: Create base chef image for building
-### cargo chef is used to speed up the build process by caching dependencies using docker
-FROM --platform=$TARGETPLATFORM lukemathwalker/cargo-chef:latest-rust-latest as chef
+### Use a Debian bookworm-based Rust image so GLIBC matches the final runtime (bookworm ships glibc 2.36)
+### cargo-chef is then installed into this pinned base
+FROM --platform=$TARGETPLATFORM rust:bookworm AS chef
 
 RUN cargo install cargo-chef
 
@@ -20,7 +21,11 @@ RUN cargo chef prepare
 ### this takes advantage of docker layer caching to the max
 FROM chef as builder
 COPY --from=planner /app/recipe.json recipe.json
-RUN apt-get update && apt-get -y upgrade && apt-get install -y gcc libclang-dev pkg-config libssl-dev
+RUN apt-get update && apt-get -y upgrade && apt-get install -y \
+	gcc \
+	libclang-dev \
+	pkg-config \
+	libssl-dev
 
 RUN --mount=type=ssh cargo chef cook --release --recipe-path recipe.json --bin zenith-builder-example 
 COPY --exclude=target . .
@@ -29,7 +34,9 @@ RUN --mount=type=ssh cargo build --release --bin zenith-builder-example
 
 # Stage 3: Final image for running in the env
 FROM --platform=$TARGETPLATFORM debian:bookworm-slim
-RUN apt-get update && apt-get -y upgrade && apt-get install -y libssl-dev ca-certificates 
+RUN apt-get update && apt-get -y upgrade && apt-get install -y \
+		libssl-dev \
+		ca-certificates
 
 COPY --from=builder /app/target/release/zenith-builder-example /usr/local/bin/zenith-builder-example