Imo debloating the apps itself is not possible. To do that, you would need to somehow decomplie them, change the code, repackage them and install them as custom applications. This might be possible in theory, but is not feasible in a real-world scenario.

I recommend the following two options:

1. Use different clients where possible. For youtube F-Droid has some alternatives. For reddit I don’t know the current status.
2. Use a VPN based solution such as AdAway. It can block requests based on target IP or Domain. But keep in mind that blocking certain requests can prevent the app from working.

If I understand this correctly, it only affects certificates issued by public CAs (certificates for public websites, for example). So for certs issued by a company CA (e.g. for internal infrastructure), it should not apply. Can anyone confirm?