[Security] Bump PostgreSQL JDBC Driver from 42.2.16 to 42.7.10 (#37941)

* [Security] Bump PostgreSQL JDBC Driver from 42.2.16 to 42.7.10

Upgrades the PostgreSQL JDBC Driver to address multiple CVEs:
- CVE-2024-1597 (CVSS 9.8): SQL injection via preferQueryMode=simple
- CVE-2022-31197: SQL injection in ResultSet.refreshRow
- CVE-2022-21724: Arbitrary code execution via JDBC URL

* Add issue link to CHANGES.md entry (fixes #37942)

Author: bvolpato

CHANGES.md

@@ -94,6 +94,7 @@
 ## Security Fixes
 
 * Fixed [CVE-2023-46604](https://www.cve.org/CVERecord?id=CVE-2023-46604) (CVSS 10.0) and [CVE-2022-41678](https://www.cve.org/CVERecord?id=CVE-2022-41678) by upgrading ActiveMQ from 5.14.5 to 5.19.2 (Java) ([#37943](https://github.com/apache/beam/issues/37943)).
+* Fixed [CVE-2024-1597](https://www.cve.org/CVERecord?id=CVE-2024-1597), [CVE-2022-31197](https://www.cve.org/CVERecord?id=CVE-2022-31197), and [CVE-2022-21724](https://www.cve.org/CVERecord?id=CVE-2022-21724) by upgrading PostgreSQL JDBC Driver from 42.2.16 to 42.7.10 (Java) ([#37942](https://github.com/apache/beam/issues/37942)).
 
 ## Known Issues
 

buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy

@@ -634,7 +634,7 @@ class BeamModulePlugin implements Plugin<Project> {
     def netty_version = "4.1.124.Final"
     // [bomupgrader] determined by: io.opentelemetry:opentelemetry-sdk, consistent with: google_cloud_platform_libraries_bom
     def opentelemetry_version = "1.51.0"
-    def postgres_version = "42.2.16"
+    def postgres_version = "42.7.10"
     // [bomupgrader] determined by: com.google.protobuf:protobuf-java, consistent with: google_cloud_platform_libraries_bom
     def protobuf_version = "4.33.2"
     // TODO(https://github.com/apache/beam/issues/37637): Remove this once the Bom has been updated to at least reach this version