diff --git a/deny.toml b/deny.toml
index 0f78dcd0..b5e9410b 100644
--- a/deny.toml
+++ b/deny.toml
@@ -38,15 +38,9 @@ ignore = [
     # Unmaintained build-time proc-macro in the bench harness only (not shipped
     # library code); no upgrade available (tabled 0.21 is latest)
     "RUSTSEC-2026-0173",
-    # pyo3: OOB read in PyList/PyTuple nth/nth_back (RUSTSEC-2026-0176)
-    # Patched in pyo3 >=0.29, but pyo3-async-runtimes has no 0.29 release yet
-    # (still pins pyo3 0.28), so we can't upgrade. Host-side Python bindings
-    # only — not reachable from sandboxed scripts. Remove on pyo3 0.29 bump.
-    "RUSTSEC-2026-0176",
-    # pyo3: missing Sync bound on PyCFunction::new_closure (RUSTSEC-2026-0177)
-    # Same 0.29 blocker; `new_closure` is not called anywhere in this
-    # workspace, so the unsound API is unreachable. Remove on pyo3 0.29 bump.
-    "RUSTSEC-2026-0177",
+    # NOTE: RUSTSEC-2026-0176 and RUSTSEC-2026-0177 (pyo3 OOB read / missing
+    # Sync bound) were resolved by the pyo3 0.29 bump (#2122); both ignores
+    # have been removed now that the workspace resolves pyo3 >=0.29.
 ]
 
 [bans]