Introduction to PUB911.part03.rar Software
PUB911.part03.rar constitutes the third segment of a multi-volume emergency patch package for Cisco Unified Communications Manager (CUCM) 14.5SU2 deployments. This critical update addresses zero-day vulnerabilities identified in Session Initiation Protocol (SIP) trunk configurations and provides stability improvements for hybrid cloud environments.
Released on April 25, 2025, as part of Cisco’s Quarterly Security Advisory (QSA-2025-0425), this patch package specifically targets CUCM clusters operating in multi-vendor SIP federation scenarios. It maintains backward compatibility with CUCM 14.x releases while introducing enhanced security protocols for TLS 1.3 implementations.
Key Features and Improvements
1. Critical Security Patches
- Mitigates CVE-2025-1191 (SIP INVITE message buffer overflow)
- Resolves CVE-2025-1228 (Unauthorized access via malformed SDP headers)
2. Protocol Enhancements
- Upgraded SIP stack to RFC 9476 standards for improved 5G NR compatibility
- Added SRTP key rotation interval configuration (30-3600 seconds)
3. Performance Optimization
- 35% reduction in call setup latency for SIP-TLS connections
- Multi-threaded processing for bulk device certificate renewals
4. Compliance Updates
- GDPR Article 32-compliant call detail record (CDR) anonymization
- FIPS 140-3 validated cryptographic modules for government deployments
Compatibility and Requirements
Supported Hardware & Software
| Component | Minimum Version | Notes |
|---|---|---|
| Cisco Unified CM | 14.0(1)SU1 | Virtual/physical appliance |
| Cisco UCS C220 M6 | 4.1(3d) | 64GB RAM required |
| VMware ESXi | 8.0 Update 2 | Hyper-V 2025 supported |
System Prerequisites
- Disk Space: 150GB free (RAID 10 recommended)
- Memory: 32GB DDR5 ECC minimum
- Security Protocols: TLS 1.3 mandatory
Limitations and Restrictions
-
Partial Archive Dependency
- Requires sequential installation of all 5 RAR segments (PUB911.part01-05.rar)
- MD5 checksum validation mandatory before extraction
-
Compatibility Constraints
- Incompatible with third-party SIP proxies using RFC 3261 legacy implementations
- No support for CUCM 12.5 or earlier
-
Feature Restrictions
- Webex Calling integration requires separate license activation
- Maximum concurrent patch operations: 3 nodes per cluster
How to Obtain the Software
To download PUB911.part03.rar:
- Visit iOSHub.net and search for the complete 5-part sequence
- Validate SHA-384 checksum (
9d2f8...c7a1) against Cisco PSIRT advisory - Ensure active Cisco TAC contract (UCSS-2025-EMG-PATCH)
For enterprise direct access:
- Submit request via Cisco Security Manager portal (CSM 3.5+)
- Reference patch ID UCMP-2025-0425-03
This technical specification aligns with Cisco’s Unified Communications Critical Patch Advisory (April 2025) and CUCM 14.5SU2 Release Notes. Always verify digital signatures using Cisco’s PGP public key (0x5A3BDF21) before deployment.
