It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904