diff --git a/Cargo.lock b/Cargo.lock
index 992dda6a..aef921ff 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -4,9 +4,9 @@ version = 3
 
 [[package]]
 name = "aes"
-version = "0.8.3"
+version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ac1f845298e95f983ff1944b728ae08b8cebab80d684f0a832ed0fc74dfa27e2"
+checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
 dependencies = [
  "cfg-if",
  "cipher",
diff --git a/Cargo.toml b/Cargo.toml
index 4a31fd1a..20c88ac9 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,7 +11,7 @@ rust-version = "1.71"
 resolver = "2"
 
 [dependencies]
-aes = { version = "0.8.3", optional = true }
+aes = { version = "0.8.4", optional = true }
 bitvec = { version = "1.0.1", optional = true }
 byteorder = "1.5.0"
 ctr = { version = "0.9.2", optional = true }
diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
index eefd27c7..26f4512b 100644
--- a/supply-chain/imports.lock
+++ b/supply-chain/imports.lock
@@ -440,6 +440,16 @@ criteria = "safe-to-run"
 version = "2.3.2"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.isrg.audits.aes]]
+who = "Tim Geoghegan <timg@divviup.org>"
+criteria = "safe-to-deploy"
+delta = "0.8.3 -> 0.8.4"
+notes = """
+Change affects some unsafe code. The only functional change is to add an
+assertion checking alignment and to change an `as *mut u32` cast to a
+call to `std::pointer::cast`.
+"""
+
 [[audits.isrg.audits.base64]]
 who = "Brandon Pitman <bran@bran.land>"
 criteria = "safe-to-run"