#### Why I did it
src/dhcpmon
```
* 7c55e50 - (HEAD -> master, origin/master, origin/HEAD) Merge pull request #13 from jcaiMR/dev/jcai_master_interface_counter (7 days ago) [StormLiangMS]
* 085a087 - refine counting logic (10 days ago) [jcaiMR]
* de96a98 - Merge branch 'master' into dev/jcai_master_interface_counter (11 days ago) [jcaiMR]
* 5cb4468 - dhcp per-interface counter init commit (12 days ago) [jcaiMR]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/dhcprelay
```
* 2b33d76 - (HEAD -> master, origin/master, origin/HEAD) dhcpv6 per interface counter support (#43) (7 days ago) [jcaiMR]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-common
```
* 3d3bc1a - (HEAD -> master, origin/master, origin/HEAD) [Credo][Ycable] Fix for displaying 'N/A' firmware version when NIC endpoint is power off (#366) (2 hours ago) [Xinyu Lin]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-mgmt-common
```
* 4cfc882 - (HEAD -> master, origin/master, origin/HEAD) CVL error reporting enhancements (#97) (5 hours ago) [Sachin Holla]
* 4a88fe7 - transformer infra optimization on uri path unmarshaling (#99) (6 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
[staticroutebfd] change bfd to singlehop
staticroutebfd should use singlehop bfd. Because of a bug (portchannel+singlehop) in the SDK, we were using multi-hop as a temporary workaround. Now the SDK issue is solved, need to switch to singlehop BFD mode.
Why I did it
Created patches to address two CVEs from FRR CVE-2023-41359 and CVE-2023-41360.
Patch FRR commit CVE fixed
0022-bgpd-Don-t-read-the-first-byte-of-ORF-header-if-we-a.patch FRRouting/frr@3515178 CVE-2023-41360
0023-bgpd-Make-sure-we-have-enough-data-to-read-two-bytes.patch FRRouting/frr@460ee93 CVE-2023-41359
Work item tracking
Microsoft ADO (number only):
How I did it
Porting fixes as patches from FRR.
How to verify it
Azure Pipeline tests should cover the sanity. In addition ran basic tests.
In #15080, there was a command added to re-add 127.0.0.1/8 to the lo
interface when the networking configuration is being brought down.
However, the trigger for that command is `down`, which, looking at
ifupdown2 configuration files, runs immediately after 127.0.0.1/16 is
removed. This means there may be a period of time where there are no
loopback addresses assigned to the lo interface, and redis commands will
fail.
Fix this by changing this to pre-down, which should run well before
127.0.0.1/16 is removed, and should always leave lo with a loopback
address.
Signed-off-by: Saikrishna Arcot <sarcot@microsoft.com>
#### Why I did it
src/sonic-mgmt-common
```
* 14962fe - (HEAD -> master, origin/master, origin/HEAD) CVL database access layer changes (#100) (30 hours ago) [Balachandar Mani]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-host-services
```
* 1a5a0bf - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#74) (8 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-common
```
* 0dafb55 - (HEAD -> master, origin/master, origin/HEAD) Remove command to install libhiredis deb file (#398) (9 hours ago) [Saikrishna Arcot]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Write error message to syslog when add user failed or connect to TACACS server failed.
#### Why I did it
With these messages, we can downgrade TACACS server with issue to lower priority.
##### Work item tracking
- Microsoft ADO: 24667696
#### How I did it
Write error message to syslog when add user failed or connect to TACACS server failed.
#### How to verify it
Pass all UT.
Manually verify error message generated.
### Description for the changelog
Write error message to syslog when add user failed or connect to TACACS server failed.
#### Why I did it
src/sonic-mgmt-common
```
* ee3029d - (HEAD -> master, origin/master, origin/HEAD) DB Access Layer Merges: (#96) (11 hours ago) [a-barboza]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-linux-kernel
```
* fa40db7 - (HEAD -> master, origin/master, origin/HEAD) Change the system.map file permission only readable by root (#329) (21 hours ago) [xumia]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-gnmi
```
* 6fd461c - (HEAD -> master, origin/master, origin/HEAD) Get origin from prefix (#149) (17 hours ago) [ganglv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
* Change the CAK key length check in config plugin, macsec test profile changes
* Fix the format in add_profile api
The changes needed in various macsec unit tests and config plugin when we move to accept the type 7 encoded key format for macsec. This goes along with PR : sonic-net/sonic-swss#2892 raised earlier.
### Why I did it
We're not adding any patch on top of hiredis, and there's no apparent reason to build this. Remove the build step here, and just install the package from the Debian repos.
##### Work item tracking
- Microsoft ADO **(number only)**: 24381590
#### How to verify it
Build the SONiC image, and load it. Verify that services come up.
Why I did it
There is no reason to build deb package ethtool from source code.
We can install the same version from Debian bullseye mirror.
How I did it
Remove ethtool Makefiles from sonic-buildimage.
Install ethtool via apt-get in pmon container.
#### Why I did it
src/sonic-linux-kernel
```
* 7ee50c9 - (HEAD -> master, origin/master, origin/HEAD) [Mellanox] Upstream kernel patches with HW-MGMT 7.0030.1011 (#327) (29 hours ago) [Kebo Liu]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-platform-daemons
```
* c1c43f6 - (HEAD -> master, origin/master, origin/HEAD) [pmon][chassis][voq] Chassis DB cleanup when module is down (#394) (2 days ago) [vganesan-nokia]
```
#### How I did it
#### How to verify it
#### Description for the changelog
Why I did it
Fixes#15803
In SONiC chassis, routes have recursive nexthop resolution when the routes are learnt from remote linecard.
In some cases after recursive nexthop resolution the number of nexthop for a route could reach 256.
Zebra ran out of space when filling up 256 nexthops which causes zebra crash.
Work item tracking
Microsoft ADO (24997365):
How I did it
Create a patch to port FRRouting/frr#14096 which has change to ignore duplicate nexthop when filling up fpm message
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>
#### Why I did it
src/sonic-linux-kernel
```
* 1800d11 - (HEAD -> master, origin/master, origin/HEAD) AMD-Pensando ELBA SOC support (#322) (23 hours ago) [Ashwin Hiranniah]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-snmpagent
```
* af2d5a4 - (HEAD -> master, origin/master, origin/HEAD) Fix FdbUpdater crash when SAI_FDB_ENTRY_ATTR_BRIDGE_PORT_ID attribute missing. (#286) (19 hours ago) [Hua Liu]
```
#### How I did it
#### How to verify it
#### Description for the changelog
How I did it
Fix the regex for L4 port range in openconfig_acl.py.
How to verify it
Build image and install on Arista-720DT DUT, then try the repro steps in #16189 and confirmed the ACL rule be setup correctly:
Why I did it
Add no-export to bgp sentinel community-list. So that bgp updates from bgp sentinel service must match sentinel community and no-export, otherwise, the bgp update will be dropped.
Work item tracking
Microsoft ADO (24946274):
How I did it
Add no-export to bgp sentinel community-list.
How to verify it
Run UT, case would pass. Build the image and start the device. Add bgp sentinel and check that no-export community exist in bgp sentinel community list.
#### Why I did it
To support SKIP_BUILD_HOOK for curl command so the targets downloaded by curl (SONIC_ONLINE_DEBS, SONIC_ONLINE_FILES) can utilize it.
##### Work item tracking
- Microsoft ADO **(number only)**:
#### How I did it
Add a logic to invoke a real command instead of a `download_packages()` (the same way it's done for wget)
#### How to verify it
Add an online target (with URL attribute).
Add the "SKIP_VERSION=y" to this target.
Check that download_packages is not invoked.
Add yang model for IPv4 DHCP Server.
Add four new tables: DHCP_SERVER_IPV4, DHCP_SERVER_IPV4_CUSTOMIZED_OPTIONS, DHCP_SERVER_IPV4_RANGE, DHCP_SERVER_IPV4_PORT
Bmc is a valid neighbor type in minigraph, however it was missing from the YANG model definition. Usually, the Bmc type device can be neighbor of BmcMgmtToRRouter. This PR is to introduce this type.
Why I did it
According to ACL-Table-Type-HLD, the value type of MATCHES, ACTIONS and BIND_POINTS should be list instead of string. Opening this PR to update the definition of BMCDATA and BMCDATAV6.
How I did it
Update the definition of BMCDATA and BMCDATAV6 in minigraph-parser.
How to verify it
Verified by UT and build SONiC image.
How I did it
Update Yang definition of ACL_TABLE_TYPE.
Update existing testcase.
Add new testcase to cover lowercase key scenario.
How to verify it
Verified by building sonic_yang_models-1.0-py3-none-any.whl. While building the target package, unit tests were run and passed.
- Why I did it
Fixed build failure when flag ENABLE_SFLOW_DROPMON=y set
- How I did it
Fixed sflow dropmon patch to align with hsflowd version 2.0.45
Signed-off-by: rajkumar38 <rpennadamram@marvell.com>
#### Why I did it
src/sonic-gnmi
```
* 7a1b7cd - (HEAD -> master, origin/master, origin/HEAD) Improve full path logic (#146) (37 minutes ago) [ganglv]
```
#### How I did it
#### How to verify it
#### Description for the changelog
#### Why I did it
src/sonic-linux-kernel
```
* a2aa335 - (HEAD -> master, origin/master, origin/HEAD) PATCH] net: allow user to set metric on default route learned via Router Advertisement (#326) (12 hours ago) [abdosi]
```
#### How I did it
#### How to verify it
#### Description for the changelog
### Why I did it
When PFC WD is triggered there is no diagnosis information which makes it difficult to understand why PFC WD was triggered. So, we add a field `additional_information` to accommodate the diagnosis information.
### How to verify it
unit test
