diff --git a/ci-automation/image.sh b/ci-automation/image.sh
index e1d796b093..662d57c399 100644
--- a/ci-automation/image.sh
+++ b/ci-automation/image.sh
@@ -115,33 +115,65 @@ function _image_build_impl() {
     echo "==================================================================="
     export BOARD_A="${arch}-usr"
     export FROM_A="release"
-    export VERSION_A="current"
     if [ "${channel}" = "developer" ]; then
-            export CHANNEL_A="alpha"
+            NEW_CHANNEL="alpha"
     else
-            export CHANNEL_A="${channel}"
+            NEW_CHANNEL="${channel}"
     fi
+    NEW_CHANNEL_VERSION_A=$(curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://${NEW_CHANNEL}.release.flatcar-linux.net/${BOARD_A}/current/version.txt" | grep -m 1 FLATCAR_VERSION= | cut -d = -f 2)
+    MAJOR_A=$(echo "${NEW_CHANNEL_VERSION_A}" | cut -d . -f 1)
+    MAJOR_B=$(echo "${FLATCAR_VERSION}" | cut -d . -f 1)
+    # When the major version for the new channel is different, a transition has happened and we can find the previous release in the old channel
+    if [ "${MAJOR_A}" != "${MAJOR_B}" ]; then
+        case "${NEW_CHANNEL}" in
+          lts)
+            CHANNEL_A=stable
+            ;;
+          stable)
+            CHANNEL_A=beta
+            ;;
+          *)
+            CHANNEL_A=alpha
+            ;;
+        esac
+        VERSION_A=$(curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://${CHANNEL_A}.release.flatcar-linux.net/${BOARD_A}/current/version.txt" | grep -m 1 FLATCAR_VERSION= | cut -d = -f 2)
+    else
+        CHANNEL_A="${NEW_CHANNEL}"
+        VERSION_A="${NEW_CHANNEL_VERSION_A}"
+    fi
+    export VERSION_A
+    export CHANNEL_A
     export FROM_B="file://${PWD}/images/latest"
     # Use the directory directly (and BOARD_B and CHANNEL_B are unused)
     export VERSION_B="."
     echo "== Image differences compared to ${CHANNEL_A} ${VERSION_A} =="
-    rm -f package-diff
-    curl -fsSLO --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "https://raw.githubusercontent.com/flatcar-linux/flatcar-build-scripts/master/package-diff"
-    chmod +x package-diff
+    NEW_VERSION=$(git tag --points-at HEAD)
+    cd ..
+    rm -rf flatcar-build-scripts
+    git clone "https://github.com/flatcar-linux/flatcar-build-scripts"
     echo "Package updates, compared to ${CHANNEL_A} ${VERSION_A}:"
-    FILE=flatcar_production_image_packages.txt ./package-diff "${VERSION_A}" "${VERSION_B}"
+    FILE=flatcar_production_image_packages.txt flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}"
     echo
     echo "Image file changes, compared to ${CHANNEL_A} ${VERSION_A}:"
-    FILE=flatcar_production_image_contents.txt FILESONLY=1 CUTKERNEL=1 ./package-diff "${VERSION_A}" "${VERSION_B}"
+    FILE=flatcar_production_image_contents.txt FILESONLY=1 CUTKERNEL=1 flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}"
     echo
     echo "Image kernel config changes, compared to ${CHANNEL_A} ${VERSION_A}:"
-    FILE=flatcar_production_image_kernel_config.txt ./package-diff "${VERSION_A}" "${VERSION_B}"
+    FILE=flatcar_production_image_kernel_config.txt flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}"
     echo
     echo "Image file size change (includes /boot, /usr and the default rootfs partitions), compared to ${CHANNEL_A} ${VERSION_A}:"
-    FILE=flatcar_production_image_contents.txt CALCSIZE=1 ./package-diff "${VERSION_A}" "${VERSION_B}"
+    FILE=flatcar_production_image_contents.txt CALCSIZE=1 flatcar-build-scripts/package-diff "${VERSION_A}" "${VERSION_B}"
     echo
     BASE_URL="http://${BUILDCACHE_SERVER}/images/${arch}/${vernum}"
     echo "Image URL: ${BASE_URL}/flatcar_production_image.bin.bz2"
+    echo
+    # Provide a python3 command for the CVE DB parsing
+    export PATH="$PATH:$PWD/scripts/ci-automation/python-bin"
+    # The first changelog we print is always against the previous version of the new channel (is only same as CHANNEL_A VERSION_A without a transition)
+    flatcar-build-scripts/show-changes "${NEW_CHANNEL}-${NEW_CHANNEL_VERSION_A}" "${NEW_VERSION}"
+    # See if a channel transition happened and print the changelog against CHANNEL_A VERSION_A which is the previous release
+    if [ "${CHANNEL_A}" != "${NEW_CHANNEL}" ]; then
+      flatcar-build-scripts/show-changes "${CHANNEL_A}-${VERSION_A}" "${NEW_VERSION}"
+    fi
     )
 }
 # --
diff --git a/ci-automation/python-bin/python3 b/ci-automation/python-bin/python3
new file mode 100755
index 0000000000..ccc29501dc
--- /dev/null
+++ b/ci-automation/python-bin/python3
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Expects to be invoked as interpreter through a shebang
+FOLDER="$(dirname "$(readlink -f "$1")")"
+docker pull docker.io/python:alpine 2>/dev/null >/dev/null
+# Map the current and the script folder, install the pip package needed for flatcar-build-scripts/show-fixed-kernel-cves.py
+exec docker run --rm -i -v "${FOLDER}:${FOLDER}" -v "${PWD}:${PWD}" -w "${PWD}" docker.io/python:alpine sh -c "pip install packaging 2>/dev/null >/dev/null; python3 $*"