diff --git a/ChangeLog b/ChangeLog index 88f45a5d4..3fb4bffb4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Mon Jul 13 21:40:51 CEST 2009 (tk) +---------------------------------- + * docs/signatures.pdf: cover Mach-O files + Mon Jul 13 21:24:05 CEST 2009 (tk) ---------------------------------- * libclamav: handle Mach-O files with type-9 signatures; all special offsets are diff --git a/docs/signatures.pdf b/docs/signatures.pdf index ff44dd717..f8098d7fd 100644 Binary files a/docs/signatures.pdf and b/docs/signatures.pdf differ diff --git a/docs/signatures.tex b/docs/signatures.tex index 2d835ce8e..0c2fed550 100644 --- a/docs/signatures.tex +++ b/docs/signatures.tex @@ -166,6 +166,8 @@ MalwareName:TargetType:Offset:HexSignature[:MinEngineFunctionalityLevel:[Max]] \item 5 = Graphics \item 6 = ELF \item 7 = ASCII text file (normalized) + \item 8 = Disassembler data + \item 9 = Mach-O files \end{itemize} And \verb+Offset+ is an asterisk or a decimal number \verb+n+ possibly combined with a special modifier: @@ -174,7 +176,7 @@ MalwareName:TargetType:Offset:HexSignature[:MinEngineFunctionalityLevel:[Max]] \item \verb+n+ = absolute offset \item \verb+EOF-n+ = end of file minus \verb+n+ bytes \end{itemize} - Signatures for PE and ELF files additionally support: + Signatures for PE, ELF and Mach-O files additionally support: \begin{itemize} \item \verb#EP+n# = entry point plus n bytes (\verb#EP+0# for \verb+EP+) \item \verb#EP-n# = entry point minus n bytes
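Review bot: The new ChangeLog entry names only docs/signatures.pdf and only Mach-O, but the same commit edits docs/signatures.tex (the editable source) and also documents target type 8. Suggest listing docs/signatures.tex in the entry and mentioning both new target types, so the log matches what the diff changes.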
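Review bot: In the docs/signatures.tex hunk at @@ -166, the added item "8 = Disassembler data" gives signature writers nothing to go on: unlike the neighbouring entries it does not name a file format, and the hunk does not explain what data is matched. Add a sentence or a cross-reference describing it. Since the format line in the hunk header carries MinEngineFunctionalityLevel, it would also help to state which functionality level introduces types 8 and 9, so authors can set that field for engines that predate them.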
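Review bot: In the docs/signatures.tex hunk at @@ -174, the reworded sentence puts Mach-O under the same list of special offsets as PE and ELF, but the list still describes EP only as "entry point" with no format-specific detail. Please confirm that every item in the list below this sentence applies to Mach-O, and add a short note on how the entry point is determined for Mach-O files, so an EP+n or EP-n signature is anchored where its author expects.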