Do you rebuild your container images yourself?

I'm talking not only about trusting the distribution chain but about the situation where some services dont rebuild their images using updated bases if they dont have a new release.

So per example if the particular service latest tag was a year ago they keep distributing it with a year old alpine base...