# SSSD 2.9.3
The SSSD team is announcing the release of version 2.9.3 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.3
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.3.html
RPM packages will be made available for Fedora shortly.
## Feedback
Please provide comments, bugs and other feedback via the sssd-devel
or sssd-users mailing lists:
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
## Highlights
### General information
* The proxy provider is now able to handle certificate mapping and
matching rules and users handled by the proxy provider can be configured
for local Smartcard authentication. Besides the mapping rule local
Smartcard authentication should be enabled with the 'local_auth_policy'
option in the backend and with 'pam_cert_auth' in the PAM responder.
### Important fixes
Passkey doesn't fail when using FreeIPA server-side authentication and
require-user-verification=false.
### New features
* When adding a new credential to KCM and the user has already reached
their limit, the oldest expired credential will be removed to free some
space. If no expired credential is found to be removed, the operation
will fail as it happened in the previous versions.