A critical vulnerability has been identified in the Postgresql JDBC driver.  If you are using Postgresql with ERDDAP,  please update as soon as possible and let us know if it causes any problems.  In the instructions it points to:

> https://mvnrepository.com/artifact/org.postgresql/postgresql

as one place to get the driver.  The instructions on where to put the JDBC driver and other settings are:

> JDBC Driver and <driverName> -- You must get the appropriate JDBC 3 or JDBC 4 driver .jar file for your database and
> put it in tomcat/webapps/erddap/WEB-INF/lib after you install ERDDAP. Then, in your datasets.xml for this dataset, you must specify the <driverName> for this driver, which is (unfortunately) different from the filename. Search on the web for the JDBC driver for your database and the driverName that Java needs to use it.
>
> After you put the JDBC driver .jar in ERDDAP lib directory, you need to add a reference to that .jar file in the .bat and/or .sh script files for GenerateDatasetsXml, DasDds, and ArchiveADataset which are in the tomcat/webapps/erddap/WEB-INF/ directory; otherwise, you'll get a ClassNotFoundException when you run those scripts.

Note that this update can be done without an update to the rest of ERDDAP,  but as always we recommend running  the latest version of ERDDAP  (presently 2.23).