Update DNX SAI version to 14.1.0.1.0.0.0.1

[tjchadaga]

Why I did it

To pick up latest fixes and enhancements

Work item tracking

• Microsoft ADO (number only): 36110346

How I did it

Updated sai-dnx.mk

How to verify it

Image bringup and basic sanity on dnx device

Which release branch to backport (provide reason below if selected)

• 202305
• 202311
• 202405
• 202411
• 202505
• 202511

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

[mssonicbld]

/azp run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[Copilot]

Pull request overview

This PR updates the Broadcom DNX SAI library version from 14.1.0.1.0.0.0.0 to 14.1.0.1.0.0.0.1 to pick up the latest fixes and enhancements from the vendor.

Key changes:

• Incremental version bump of the DNX SAI library (last octet incremented by 1)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

LIBSAIBCM_DNX_URL_PREFIX points to a remote .deb host that is consumed via $(BRCM_DNX_SAI)_URL and SONIC_ONLINE_DEBS, which the generic build logic fetches with curl and installs without any checksum or signature verification. If packages.trafficmanager.net (or its TLS/DNS) is compromised, an attacker could serve a malicious libsaibcm_dnx package that is transparently pulled into SONiC images and executed with full privileges during build and at runtime. To harden the supply chain, ensure this downloaded package is protected by strong integrity verification (for example, pinned content hashes or verified signatures) or is sourced from a repository/mechanism that enforces such verification.