Tatsuya Kinoshita reports:
CVE-2018-6196 * table.c: Prevent negative indent value in feed_table_block_tag().
CVE-2018-6197 * form.c: Prevent invalid columnPos() call in formUpdateBuffer().
CVE-2018-6198 * config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c: Make temporary directory safely when ~/.w3m is unwritable.