diff --git a/requirements/base.txt b/requirements/base.txt
index 190de4ad84..d0e4814aa1 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -29,13 +29,15 @@ idna==3.6
     # via requests
 imagesize==1.4.1
     # via sphinx
-importlib-metadata==7.0.1
-    # via sphinx
+importlib-metadata==6.11.0
+    # via
+    #   -c common_constraints.txt
+    #   sphinx
 jinja2==3.1.3
     # via sphinx
 markupsafe==2.1.5
     # via jinja2
-packaging==23.2
+packaging==24.0
     # via
     #   pydata-sphinx-theme
     #   sphinx
@@ -83,7 +85,7 @@ typing-extensions==4.10.0
     # via pydata-sphinx-theme
 urllib3==2.2.1
     # via requests
-zipp==3.17.0
+zipp==3.18.1
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt
index 96cc5dbdad..e3bf8eaecd 100644
--- a/requirements/common_constraints.txt
+++ b/requirements/common_constraints.txt
@@ -21,3 +21,12 @@ elasticsearch<7.14.0
 
 # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected
 django-simple-history==3.0.0
+
+# opentelemetry requires version 6.x at the moment:
+# https://github.com/open-telemetry/opentelemetry-python/issues/3570
+# Normally this could be added as a constraint in edx-django-utils, where we're
+# adding the opentelemetry dependency. However, when we compile pip-tools.txt,
+# that uses version 7.x, and then there's no undoing that when compiling base.txt.
+# So we need to pin it globally, for now.
+# Ticket for unpinning: https://github.com/openedx/edx-lint/issues/407
+importlib-metadata<7
diff --git a/requirements/dev.txt b/requirements/dev.txt
index d0ac70cfd1..c4e09a7cbf 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -50,7 +50,7 @@ imagesize==1.4.1
     # via
     #   -r base.txt
     #   sphinx
-importlib-metadata==7.0.1
+importlib-metadata==6.11.0
     # via
     #   -r base.txt
     #   build
@@ -63,13 +63,13 @@ markupsafe==2.1.5
     # via
     #   -r base.txt
     #   jinja2
-packaging==23.2
+packaging==24.0
     # via
     #   -r base.txt
     #   build
     #   pydata-sphinx-theme
     #   sphinx
-pip-tools==7.4.0
+pip-tools==7.4.1
     # via -r dev.in
 pydata-sphinx-theme==0.14.4
     # via
@@ -151,9 +151,9 @@ urllib3==2.2.1
     # via
     #   -r base.txt
     #   requests
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.18.1
     # via
     #   -r base.txt
     #   importlib-metadata
diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt
index a6c9b262ca..ce054e387f 100644
--- a/requirements/pip-tools.txt
+++ b/requirements/pip-tools.txt
@@ -8,11 +8,13 @@ build==1.1.1
     # via pip-tools
 click==8.1.7
     # via pip-tools
-importlib-metadata==7.0.1
-    # via build
-packaging==23.2
+importlib-metadata==6.11.0
+    # via
+    #   -c common_constraints.txt
+    #   build
+packaging==24.0
     # via build
-pip-tools==7.4.0
+pip-tools==7.4.1
     # via -r pip-tools.in
 pyproject-hooks==1.0.0
     # via
@@ -23,9 +25,9 @@ tomli==2.0.1
     #   build
     #   pip-tools
     #   pyproject-hooks
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.18.1
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/pip.txt b/requirements/pip.txt
index 53ad9300b6..4844b90714 100644
--- a/requirements/pip.txt
+++ b/requirements/pip.txt
@@ -4,11 +4,11 @@
 #
 #    make upgrade
 #
-wheel==0.42.0
+wheel==0.43.0
     # via -r pip.in
 
 # The following packages are considered to be unsafe in a requirements file:
 pip==24.0
     # via -r pip.in
-setuptools==69.1.1
+setuptools==69.2.0
     # via -r pip.in